Windows Server 2003 Service Backup Options


Most Windows Server 2003 services that contain a database or local files are backed up with the system state but also provide alternate backup and restore options. Because the system state restore is usually an all-or-nothing proposition except when it comes to cluster nodes and domain controllers, restoring an entire system state may deliver undesired results if only a specific service database restore is required. This section outlines services that either have separate backup/restore utilities or require special attention to ensure a successful backup.

Disk Configuration (Software RAID Sets)

Disk configuration is not a service but should be backed up to ensure that proper partition assignments can be restored. When dynamic disks are used to create complex volumes such as mirrored, striped, spanned, or RAID 5 volumes, the disk configuration should be saved. This way, if the operating system is corrupted and needs to be rebuilt from scratch, the complex volumes will need to have only their configuration restored, which could greatly reduce the recovery time. Only an automated system recovery backup can back up disk and volume configuration.

Certificate Services

Installing Certificate Services creates a Certificate Authority (CA) on the Windows Server 2003 system. The CA is used to manage and allocate certificates to users, servers, and workstations when files, folders, email, or network communication needs to be secured or encrypted.

When the CA allocates a certificate to a machine or user, that information is recorded in the certificate database on the local drive of the CA. If this database is corrupted or deleted, all certificates allocated from this server become invalid or unusable. To avoid this problem, the certificates and Certificate Services database should be backed up frequently. Even if certificates are rarely allocated to new users or machines, backups should still be performed regularly.

Certificate Services can be backed up in three ways: by backing up the CA server's system state, using the Certificate Authority Microsoft Management Console (MMC) snap-in, or using the command-line utility Certutil.exe. Backing up Certificate Services by backing up the system state is the preferred method because it can be easily automated and scheduled. But using the graphic console or command-line utility adds the benefit of being able to restore Certificate Services to a previous state without restoring the entire server system state or taking down the entire server for the restore.

To create a backup of the Certificate Authority using the graphic console, follow these steps:

1.

Log on to the Certificate Authority server using an account with Local Administrator rights.

2.

Open Windows Explorer and create a folder named CaBackup on the C: drive.

3.

Click Start, All Programs, Administrative Tools, Certification Authority.

4.

Expand the Certificate Authority icon and select the desired CA server.

5.

From the console window, select the Action pulldown menu and select All Tasks, BackUp CA.

6.

Click Next on the Certification Authority Backup Wizard Welcome screen.

7.

On the Items to Back Up page, check the Private Key and CA Certificate box and the Certificate Database and Certificate Database Log box, as shown in Figure 32.4.

Figure 32.4. Selecting items for the Certificate Authority backup.


8.

Specify the location to store the CA backup files. Use the folder created in the beginning of this process. Click Next to continue.

9.

When the CA certificate and private key are backed up, this data file must be protected with a password. Enter a password for this file, confirm it, and click Next to continue.

Note

To restore the CA private key and CA certificate, you must use the password entered in step 9. Store this password in a safe place, possibly with the Master account list.

10.

Click Finish to create the CA backup.

Domain Name Service

Domain Name Service (DNS) configuration data is stored in the Registry and is backed up with the system state backup. For each DNS zone that is hosted on the Windows Server 2003 system, a backup zone file is created and stored in the %systemroot%\DNS\Backup folder. These files can be backed up and used to restore a DNS zone to the same server after a restore or to a completely different server. For information on how to create a DNS zone from an existing file, refer to Chapter 33 on restoring DNS data.

Note

Active Directoryintegrated zones will not have a valid backup file in the DNS/backup folder. To back up an Active Directory-integrated zone, perform a system state backup on any AD domain controller running DNS and hosting the zone.


Windows Internet Naming Service

Windows Internet Naming Service (WINS) is a database composed of NetBIOS names and their corresponding IP addresses. The NetBIOS names include domain, server, and workstation names, along with other records used to identify services such as the master browser. The WINS database is backed up by performing a system state backup of the WINS server or by initiating a backup using the WINS console.

Because the WINS database is populated by servers and workstations dynamically, in some cases backing up may not be necessary. When WINS contains several static mappings, a WINS backup is essential because records will not be re-created automatically if the WINS database is corrupted or rebuilt from scratch. Also, even if only dynamic records populate the database, each device registers with WINS only on startup and then periodically, so the record may not be re-created in time. This results in NetBIOS-dependent clients failing to locate the proper server or workstation.

To create a backup using the WINS console, perform the following steps:

1.

Log on to the WINS server using an account with Local Administrator access.

2.

Click Start, All Programs, Administrative Tools, WINS.

3.

If the local WINS server does not appear in the window, right-click WINS in the left pane and select Add Server.

4.

Type in the NetBIOS or fully qualified domain name of the WINS server and click OK.

5.

Select the WINS server in the left pane.

6.

Right-click the WINS server and select Properties.

7.

In the lower section of the General tab, type in the path where the WINS backup should be stored. Check the box to enable WINS database backup during server shutdown, as shown in Figure 32.5.

Figure 32.5. Configuring WINS backup options.


8.

Click OK to close the WINS server property pages.

9.

Right-click the WINS server in the left pane and select Back Up Database.

10.

When the Browse for Folder window opens, select the appropriate folder to back up the WINS database and click OK to perform the backup.

11.

A pop-up window appears stating whether the backup was successful. If it was, click OK, close the WINS console, and log off the WINS server.

12.

If the backup failed, check Permissions in the specified directory to ensure that the logged-on user and system account have at least Modify privileges. Then attempt the backup again.

Dynamic Host Configuration Protocol

The Dynamic Host Configuration Protocol (DHCP) server is responsible for assigning IP addresses and options to devices on the network in need of network configuration. DHCP allocates IP configurations, including IP addresses, subnet masks, default gateways, DNS servers, WINS servers, and for RIS servers, TFTP servers and boot filenames. Other IP options can be configured, depending on the organization's needs.

These IP address scope properties and options are stored in the DHCP database. This database also stores the information concerning IP address leases and reservations. The DHCP database is backed up with a server system state backup, but it can also be backed up using the DHCP console.

To back up the DHCP database from the console, follow these steps:

1.

Log on to the DHCP server using an account with Local Administrator access.

2.

Click Start, All Programs, Administrative Tools, DHCP.

3.

If the local DHCP server does not appear in the window, right-click DHCP in the left pane and select Add Server.

4.

Type in the fully qualified domain name for the DHCP server and click OK.

5.

Right-click the DHCP server in the left pane and select Properties.

6.

Select the Advanced tab.

7.

In the Backup Path field, the default location for the DHCP database is already populated. If this location is acceptable, click OK. If it is not the correct location, type in or browse for the appropriate backup folder.

8.

Right-click the DHCP server in the left pane and choose Backup.

9.

Select the folder specified in the DHCP Backup Location field in the DHCP Server Advanced property page.

10.

When the backup is complete, no confirmation pop-up window will appear. If it fails, an error will be displayed. Close the DHCP console and log off the server.

Distributed File System

The Distributed File System (DFS) is a Windows Server 2003 service that improves file share availability by providing a single unified namespace to access shared folders hosted across different servers. When domain DFS roots are used, DFS targets can be configured to replicate with one another using the File Replication Service. Domain DFS stores the DFS root, link, target, and replication information in Active Directory. When a standalone DFS root is used, the configuration is stored in the DFS root server's Registry. Backing up the system state of a standalone DFS root server backs up the DFS configuration. For domain DFS roots, backing up the system state of a domain controller accomplishes this task. More information on DFS can be found in Chapter 30.

A command-line utility called Dfscmd.exe can be used to list standalone or domain DFS root information, including root targets, links, and link targets. This information can be saved to a file and be used to restore this information if the DFS configuration is lost. This utility does not list, record, or re-create replication connections for domain DFS roots and targets that are configured for replication.

To create a file containing DFS root configurations, perform the following steps:

1.

Log on to either the standalone DFS root server or a server in the domain using an account with privileges to create domain DFS roots and links.

2.

Click Start, Run and then type cmd.exe. Press Enter when you're done to open the command prompt.

3.

To create a file containing all the root and link targets associated with a domain DFS root called \\Companyabc.com\Apps, type Dfscmd.exe /View \\Companyabc.com\Apps /Batchrestore > DFSrestore.bat and press Enter. This will create a file that can be used to restore additional root targets and create links and link targets when the initial DFS root target is re-created.

Note

Dfscmd.exe is a great tool because it can be used to back up DFS configuration information, but it cannot create the initial DFS root target, nor can it copy replication information for domain DFS targets that are configured for replication. To back up domain DFS completely, perform a backup of the Active Directory database by backing up the system state of a domain controller in the appropriate domain.


Internet Information Services

Internet Information Services (IIS) is Windows Server 2003's Web and FTP server. It is included on every version of the Windows Server 2003 platform but is not installed by default. IIS stores configuration information for Web and FTP site configurations and security in the IIS metabase. The IIS metabase can be backed up by performing a system state backup of the server running IIS, but it can also be backed up using the IIS console. The IIS metabase should be backed up separately before and after an IIS configuration change is made to ensure a successful rollback and to have the latest IIS configuration data backed up after the update.

To back up the IIS metabase using the IIS console, perform the following steps:

1.

Log on to the IIS server using an account with Local Administrator access.

2.

Click Start, All Programs, Administrative Tools, Internet Information Services (IIS) Manager.

3.

If the local IIS server does not appear in the window, right-click Internet Information Services in the left pane and select Connect.

4.

Type in the fully qualified domain name for the IIS server and click OK.

5.

Right-click the IIS server in the left pane and select All Tasks, Backup/Restore Configuration.

6.

The Configuration Backup/Restore window lists all the automatic IIS backups that have been created. Click the Create Backup button.

7.

Enter the backup name and, if necessary, check the Encrypt Backup Using Password box. Enter and confirm the password, and click OK when you're finished, as shown in Figure 32.6.

Figure 32.6. Creating an IIS configuration backup.


8.

When the backup is complete, it is listed in the Configuration Backup/Restore window. Click Close to return to the IIS console.

Before a change is made to the IIS configuration, a backup should be manually created first. When the change is completed, the administrator should either perform another backup or choose the option to save the configuration to disk. The administrator can save new IIS configuration changes to disk by right-clicking the IIS server, selecting All Tasks, and then choosing Save Configuration to Disk. This option works correctly only after a change has been made that has not yet been recorded in the IIS metabase.

Backing Up the Remote Storage Service

The Remote Storage service keeps track of managed volume configurations and migrated data using the Remote Storage database. To back up the Remote Storage database, the administrator needs to back up the information in the system state.

If the Remote Storage service is installed, the administrator can back up the data associated with the remote storage media and migrated data by simply backing up the data contained in the following directories:

%systemroot%\System32\Ntmsdata %systemroot%\System32\Remotestorage 


If the Remote Storage service is running, the data in the Remote Storage folder cannot be backed up unless the system state is backed up.

Note

The Remote Storage database is backed up only when the system state is backed up using an account with Administrative access on the server.


Backing Up the Removable Storage Service

The two services Remote Storage and Removable Storage sound similar and sometimes are mixed up with one another. The Remote Storage service is used to manage a volume. The Removable Storage service is used to manage removable media, such as tapes and optical media.

To back up the Removable Storage media information, back up the following directory:

%systemroot%\System32\Ntmsdata 





Microsoft Windows Server 2003 Unleashed(c) R2 Edition
Microsoft Windows Server 2003 Unleashed (R2 Edition)
ISBN: 0672328984
EAN: 2147483647
Year: 2006
Pages: 499

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net