This objective covers the tools and procedures necessary to back up and recover your server in the event of a disaster, either large or small.

Windows Backup

Windows Backup allows you to back up files and folders on FAT16, FAT32, and NTFS volumes. However, if you have backed-up data on an NTFS volume, restoring to either type of FAT volume will result in a loss of configured file and folder permissions, in addition to the loss of encryption and compression attributes.

To back up and restore a Windows Server 2003 server, you must be a member of the local Administrators or the Backup Operators group. If you are a member of the local Administrators or the Backup Operators group on a domain controller, you can back up and restore a file on any computer that is a member of the domain or has a two-way trust relationship with the domain. If you are not a member of either of these groups, you will only be able to back up the files you are the owner of or those you have at least Read permissions for.

Windows Server 2003 has five backup options, as detailed in the following list. Each type varies as to what is backed up and whether or not the archive bit is set. The archive bit is a file attribute that is turned on when a file is created or modified, and it is cleared whenever a file is successfully backed up. It is used to let the backup software know which files need to be backed up based on whether they have just been created or whether modifications to previously backed-up files have happened since the last backup. Here's the list of backup options in Windows Server 2003:
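The archive-bit behaviour described above can be modelled in a few lines. This is an added example, not part of the original page; it assumes the standard Windows Backup definitions of the five types (Normal, Copy, Incremental, Differential, Daily), and the file names and dates are constructed.

```python
from dataclasses import dataclass
from datetime import date

# Standard Windows Backup semantics (assumed, not quoted from the page):
# type -> (which files are selected, whether the archive bit is cleared)
BACKUP_TYPES = {
    "normal":       ("all",     True),
    "copy":         ("all",     False),
    "incremental":  ("archive", True),
    "differential": ("archive", False),
    "daily":        ("today",   False),
}

@dataclass
class File:
    name: str
    archive: bool = True               # turned on when a file is created
    modified: date = date(2003, 1, 6)

def touch(f, day):
    """Model a write: the archive bit is turned back on."""
    f.archive, f.modified = True, day

def run_backup(kind, files, today):
    """Return the names backed up; clear archive bits if the type does so."""
    rule, clears = BACKUP_TYPES[kind]
    if rule == "all":
        chosen = list(files)
    elif rule == "archive":
        chosen = [f for f in files if f.archive]
    else:                              # "today": modified on the backup day
        chosen = [f for f in files if f.modified == today]
    if clears:
        for f in chosen:
            f.archive = False
    return sorted(f.name for f in chosen)

def week(kind):
    """Normal backup on Monday, then `kind` on Tuesday and Wednesday."""
    mon, tue, wed = date(2003, 1, 6), date(2003, 1, 7), date(2003, 1, 8)
    files = [File("a.doc"), File("b.xls"), File("c.mdb")]  # constructed sample
    run_backup("normal", files, mon)
    touch(files[0], tue)               # a.doc edited on Tuesday
    tuesday = run_backup(kind, files, tue)
    touch(files[1], wed)               # b.xls edited on Wednesday
    wednesday = run_backup(kind, files, wed)
    return tuesday, wednesday

if __name__ == "__main__":
    for kind in ("incremental", "differential", "daily", "copy"):
        print(kind, week(kind))
```

The differential run on Wednesday still contains Tuesday's change because the bit was never cleared, which is why a restore needs only the normal backup plus the latest differential, whereas an incremental restore needs the normal backup plus every incremental taken since.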
System State Backups

System state data is a collection of data that contains the operating system configuration of the server. For all Windows Server 2003 operating systems, the system state data includes the following:
The system state data also includes the Certificate Services database (if the server is operating as a certificate server). If the server is a domain controller, the system state data also includes the Active Directory Services database and the SYSVOL directory. The system state will include the IIS Metabase or the Cluster Service configuration if these features are installed on the server. Due to their interdependencies, these components cannot be backed up or restored separately.

Restoring System State Data

Although you can't selectively back up components of the system state, you can restore the following system state components to an alternate location:
The Active Directory, IIS Metabase, COM+ Class Registration and Certificate Services databases, and the Windows File Protection folder cannot be restored to an alternate location.

Volume Shadow Copy

By using Volume Shadow Copy with Windows Backup, you can back up most open files. When Volume Shadow Copy is used during a backup and an open file is encountered, a snapshot is taken of the file. This is an exact copy of the file, and it is saved to another area on the disk. This copy is then saved via the Backup utility. Volume Shadow Copy offers the following advantages:
The Volume Shadow Copy Service (VSS) allows users to view the contents of shared folders, as they existed at specific points in time, and to restore a previous copy of a file. The Volume Shadow Copy feature works by setting aside a configurable amount of space, either on the same or a different volume. This space is used to save any changes to the files on the volume that Volume Shadow Copy is enabled on. These changes are added by making a block-level copy of any changes that have occurred to files since the last shadow copy. Only the changes are copied, not the entire file. As new shadow copies are added, the oldest one will be purged when you either run out of allocated space or the number of shadow copies reaches 64. The following guidelines apply:
A Volume Shadow Copy client is required for Windows XP, Windows 2000 Professional, and Windows 98 users. The client is located in the %systemroot%\system32\clients\twclient folder on Windows Server 2003 systems.

Advanced Options Menu

The Advanced Options menu allows you to select from a variety of options that can be used to troubleshoot and repair server startup and driver problems. The following options are available on the Windows Server 2003 Advanced Options menu:
Unlike a normal logon, the Safe Mode options do not update the Last Known Good Configuration information. Therefore, it will still be an option if you try Safe Mode first.

Recovery Console

The Recovery Console is a DOS-like command-line interface in which you can perform a limited set of commands and start and stop system services. Unlike booting from a DOS disk, the Recovery Console allows you access to files on an NTFS-formatted volume. The Recovery Console is not installed by default; you must install it manually after you have installed Windows Server 2003. It can also be run from the Windows Server 2003 CD-ROM. After you log on, the commands in Table 10 are available:
There are some limitations, however:
Recovering System State Data by Using Directory Services Restore Mode

On a domain controller, the Active Directory files are restored as part of the system state. The system state on a domain controller consists of the following:
The individual components cannot be backed up or restored separately; they can only be handled as a unit.

When Active Directory is in a corrupted state on all the domain controllers, it will be necessary to restore AD from tape and force the replication of the restored data to all the other domain controllers. This type of operation is called an authoritative restore. An authoritative restore will cause the data that is restored from tape to overwrite the corrupted data that is stored on all the domain controllers.

If only a single Active Directory object is accidentally deleted, it is possible to restore only that object from a backup tape by performing a partial authoritative restore. To restore an object, you will need to know its common name (CN), the Organizational Unit (OU), and the domain (DC) the object was located in. First, boot into Directory Restore mode and start the NTDSUtil utility. For example, to restore the ABC St. Louis User OU, in the abc.com domain, you would enter the following command:

    Restore Subtree "OU=ABC St. Louis User,DC=abc,DC=com"

Implementing Automated System Recovery (ASR)

Automated System Recovery (ASR) works by making a backup of the boot partition onto tape or other media. It then saves the catalog and other operating system information, such as system state and disk partition information, to a floppy disk.

When a problem occurs that cannot be fixed by using any of the other repair and recovery methods, or if you have replaced a failed boot drive, you will need to boot your server from the Windows Server 2003 CD-ROM and then insert the floppy disk and the backup media that was created by the ASR process. ASR installs a generic version of Windows Server 2003 that is used to mount and restore your boot partition from the backup media created by ASR. This process not only restores the information on your boot drive, it also restores the disk signatures and re-creates the boot partition or volume, if necessary. It will not recover or delete any data volumes, however.