Preparing for a Disaster

[Previous] [Next]

As good old Ben Franklin was known to say, "Failure to prepare is preparing to fail." This is truer than ever with modern operating systems, and while Windows 2000 includes a number of exceptionally useful recovery modes and tools, you still need to prepare for potential problems. Some of these techniques are covered in detail in other chapters and are discussed here only briefly, while others are covered here at length.

Setting Up a Fault-Tolerant System

A fault-tolerant system is one that is prepared to continue operating in the event of key component failures. This technique is very useful for servers running critical applications. Here are a few of the many ways to ensure fault tolerance in a system:

  • Use one or more RAID arrays for system and data storage, protecting you from hard disk failure. If a hard disk in the array fails, only that disk needs to be replaced—and no data is lost. See Chapter 14 for information on using Windows 2000 to implement software RAID.
  • Use multiple SCSI adapters to provide redundancy if a SCSI controller fails.
  • Use an uninterruptible power supply (UPS) to allow the server to shut down gracefully in the event of a power failure.
  • Use multiple network cards to provide redundancy in case a network card fails.
  • Use multiples of everything that is likely to fail, including power supplies and so on.

Backing Up the System

Back up the system and system state regularly using a good Windows 2000 backup program. If a hard disk fails and must be replaced and you're not using some sort of RAID array, the data and system can be restored from backup. (If you lose the system entirely, you'll need to install Windows 2000 on it before restoring the original system.) See Chapter 34 for details on using the Windows 2000 backup program. Appendix E covers an assortment of third-party backup tools for the enterprise.

Creating Emergency Repair Disks

Windows 2000, like Microsoft Windows NT, can create an emergency repair disk (ERD) to help rescue the system in the event of a disaster. The ERD contains important information that can be used to fix system files, the boot sector, and the startup environment. The ERD is easy to make, and it is very useful in the event of a disaster.

TIP
In Windows 2000, you may have noticed that you didn't get prompted to create an emergency repair disk during installation, as you do during Windows NT setup. In fact, the entire procedure has changed. Now, to create an emergency repair disk, you run Windows 2000's Backup program.

To make a fresh emergency repair disk, you will need a floppy that you don't mind being formatted. Always use a freshly formatted floppy to create an ERD. It's also a good idea to have a backup of your ERD, so always keep at least one generation back. We also like to keep an original ERD created immediately after the installation process as a kind of ultimate fallback position. To make an ERD, follow these steps:

  1. Open the Windows 2000 Backup program from the Start menu by pointing to Programs, Accessories, and System Tools and then choosing Backup.
  2. Click the Emergency Repair Disk button, as shown in Figure 33-1.
  3. click to view at full size.

    Figure 33-1. The Windows 2000 Backup window.

  4. Select the check box in the Emergency Repair Diskette dialog box if you want to back up the system registry to the repair folder on the hard disk, for use if the registry becomes corrupt.
  5. Insert a blank floppy disk in drive A, and click OK.

NOTE
The emergency repair disk is not bootable; it must be used in conjunction with the Windows 2000 setup disks.

REAL WORLD  Using the Emergency Repair Disk Effectively
What, exactly, is on the emergency repair disk? Well, certainly not all the stuff that used to be there in Windows NT. Instead of trying to fit all of the files necessary to recover your system onto a single floppy, a task that had become more than a little problematic, Windows 200 now copies only the MS-DOS subsystem initialization files, Autoexec.nt and Config.nt, as well as a single file, Setup.log, which points to the location of the repair files are on your server.

Unfortunately, with this change, it's a little more difficult to maintain multiple generations of repair information. Get in the habit of saving a copy of the %windir%\repair directory onto a secondary or even tertiary location before updating the emergency repair disk. This will give you a fallback should you inadvertently update the information before you're sure it's stable. If you need to go back to earlier information, just copy it back into the %WinDir%\repair directory (probably by using the Recovery Console, discussed later in this chapter and in Chapter 37).

Whenever you make a major change to your system, it's a good idea to make a fresh copy of the ERD before you make the change. This lets you have a fallback position if something goes wrong. If something doesn't work right, you can quickly restore the previous configuration. Once you've confirmed that the new configuration is stable and working, then and only then should you update your ERD for that server. Before you make a new emergency repair disk, copy the entire %WinDir%\repair directory tree to your failsafe location. At worst, you can recover from that failsafe location.

What constitutes a major change? Adding, removing, or otherwise modifying the hard disks or their partitions, formats, configurations, and so on, for one. Any time you make a change to the hard disk configuration, you'll definitely want to make a fresh ERD just before you make the change. Another major change would be the addition of a new component to the server, such as adding Microsoft Exchange Server or Microsoft SQL Server. Any changes made from Control Panel are candidates for redoing the ERD as well.

Creating Windows 2000 Setup Disks

Windows 2000 includes a set of four disks that can be used to boot the computer if you cannot boot from the hard disk. If the system supports booting from a CDROM using the El Torito standard, you can boot from the Windows 2000 CD-ROM. Otherwise, you need these disks to boot the system in the case of an emergency.

If you have lost the original disks or need to create another set, you can do so. You will need four 1.44-MB floppy disks. While it would be really handy to use a single Zip disk instead, booting from a Zip disk is not supported. (OK, if your Zip drive is drive A: you can use your Zip drive, but you'll still need four disks—they'll just be mostly empty). Follow these steps to create new setup disks:

  1. Insert the Windows 2000 CD-ROM for which you want to create setupdisks. Note that setup disks are specific to each version of Windows 2000—that is, Windows 2000 Professional and Windows 2000 Server use different setup disks.
  2. Insert a blank, 1.44-MB floppy disk in drive A: of the computer.
  3. At a command prompt or in the Run dialog box, enter the command d:\bootdisk\makeboot a:, replacing d with the CD-ROM drive letter.

Creating a Boot Disk

We know; you're thinking that you just did this, but there is yet another floppy disk you can create for safety and recovery convenience. It's a plain old boot disk. Although a Windows 2000 boot disk doesn't get you to a command prompt, as a Windows 95 or Windows 98 boot disk does, it does permit you to boot the system under the following circumstances (provided that your actual Windows 2000 installation isn't damaged in any other way):

  • Corrupted boot sector
  • Corrupted master boot record (MBR)
  • Virus infections of the MBR
  • Missing or corrupt Ntldr or Ntdetect.com files
  • Incorrect Ntbootdd.sys driver

The boot disk can also be used to boot from the shadow drive of a broken mirror set, although you may need to edit the Boot.ini file on the boot disk.

REAL WORLD  Why MS-DOS Boot Disks Won't Help
More than one person new to Windows 2000 has accidentally deleted or corrupted a key file required to boot the system and tried to recover by digging out an old MS-DOS boot floppy. Alas, it doesn't work.

The files you need to get your hard drive back to booting condition aren't even on an MS-DOS floppy. When you install Windows 2000, it modifies the system's boot sector to look for and run a file called Ntldr. When you format a floppy under MS-DOS, even when you make it a system disk, this file doesn't get created, since MS-DOS doesn't know anything about Windows 2000.

As such, a boot disk is occasionally useful, and since it's easy to make and floppy disks grow on trees (although these trees are rarely seen outside of the Microsoft campus), you might as well make one. The boot disk is not generic for every Windows 2000 machine. However, if you have a standard configuration across several machines, this disk will work for all of the machines that use the same partition and disk controller as their Windows 2000 boot partition. Follow these steps to create a boot disk:

  1. Insert the first Windows 2000 setup disk into the floppy drive.

TIP
If you're currently using a Windows 2000 computer, you can simply format a disk using Windows 2000's Format utility and then proceed to step 6.

  1. At a command prompt, enter the command diskcopy a: a:.
  2. Follow the directions on the screen to make a copy of the first setup disk.
  3. Delete all files on the new disk by entering del *.* at the a: command prompt.
  4. Copy the Ntdetect.com and Ntldr files from the i386 folder on the Windows 2000 CD-ROM to the floppy disk.
  5. Rename Ntldr to Setupldr.bin.
  6. Create a Boot.ini file, or copy the file from the boot drive to the floppy disk.
  7. If you're using a SCSI system, copy the device driver for the SCSI controller to the floppy disk, and rename it Ntbootdd.sys.

TIP
To find out what drive file you're using for the SCSI adapter, open the Computer Management snap-in from the Administrative Tools folder on the Programs menu. Then click Device Manager in the console tree, select the SCSI adapter, and click the Properties toolbar button. Click the Driver tab, and then click the Driver Details button. The driver file is listed in the Driver File Details dialog box.

REAL WORLD  ARC Naming Conventions
Understanding how the hard disks and partitions are named on your system is not a trivial task, unfortunately. To provide a uniform naming convention across multiple platforms, Microsoft uses a fairly arcane designation for all of the disks and partitions on your computer. Called ARC—short for Advanced RISC Computing—this is a generic naming convention that can be used in the same way for both Intel-based and RISC-based computers.

The convention describes the adapter type and number, the disk number, the rdisk number, and finally the partition number. The format is as follows:

<adaptertype>(x)disk(y)rdisk(z)partition(n)

where <adaptertype> can be either scsi, multi, or signature. Use multi for all non-SCSI adapters and for SCSI adapters that use a BIOS—as most adapters used with Intel-based processors do. The (x) will be the adapter number, starting at zero. If <adaptertype> is signature, (x) will be an 8-character drive signature.

The value for (y) will be the SCSI ID of the disk for SCSI adapters. For multi this will always be zero. The number for (z) will be zero for scsi, and it will be the ordinal number of the disk for multi, starting with zero. Finally, the partition number (n) will be the number of the partition on the target disk. Here the partitions start at one, with zero reserved for unused space.

Installing the Recovery Console

One of the most useful new recovery features in Windows 2000 is the Recovery Console. This is basically an enhanced, NTFS-enabled, secure command prompt that can be used to copy files, start and stop services, and perform other recovery actions if you can't boot the system using Windows 2000's new safe mode. The Recovery Console is always available for use via the four Windows 2000 setup disks or the CD-ROM; however, you can also install it as an option on the Boot menu for use in those instances when you can't boot using Windows 2000 safe mode. You'll still need to use the boot disk if you can't get to the Boot menu or if the Recovery Console is damaged. To install the Recovery Console, follow these steps:

  1. While in Windows 2000, Windows NT, Windows 95, or Windows 98, insert the Windows 2000 CD-ROM.
  2. Close the Autorun dialog box.
  3. At a command prompt or in the Run dialog box, enter the command d:\i386\winnt32 /cmdcons, replacing d with the drive letter of the Windows 2000 CD-ROM or network share.
  4. Click Yes to install the Recovery Console, as shown in Figure 33-2.
  5. Figure 33-2. The Windows 2000 Setup window.

Specifying Recovery Options

You can specify how you want Windows 2000 to deal with system crashes by changing a few options in the System tool in Control Panel. To do so, follow these steps:

  1. Open the System tool from Control Panel, and click the Advanced tab.
  2. Click the Startup And Recovery button to display the Startup And Recovery dialog box, shown in Figure 33-3.
  3. Figure 33-3. The Startup And Recovery dialog box.

  4. Select the operating system you want to have boot by default from the Default Operating System list box.
  5. If you want to boot the default operating system automatically, without waiting, clear the Display List Of Operating Systems check box. Otherwise, specify how long you want to display a list of options in the box provided.
  6. Select the Write An Event To The System Log check box, if available, to record an entry in the event log when the system experiences a crash.
  7. Select the Send An Administrative Alert check box to send an alert to administrators over the network when the system crashes.
  8. Select the Automatically Reboot option to instruct Windows 2000 to reboot the system in the event of a crash. Otherwise the system will remain at a blue screen until an administrator manually reboots it.
  9. Select how much debugging information you want to record from the Write Debugging Information list box. Note that if you have a large amount of RAM you will need a lot of disk space if you want to use the Kernel Memory Dump option.
  10. Enter the filename for the dump file in the Dump File text box, and select the Overwrite Any Existing File check box to maintain only a single dump file.

Creating and Using a Recovery Drive

An excellent way to recycle an old, small drive that's not good for much else is to use it as an external recovery drive. This drive needs to be only about 700 MB at a minimum. The recovery drive can even be used for several servers if you set it up as a portable device. Using a recovery drive in this way offers a somewhat cheaper alternative to mirroring the drive.

To create the recovery drive, install a minimal Windows 2000 Server on the drive, configuring your swap file to be on that drive. Make sure that the installation includes the tape driver you will be using for tape backup. Create a bootable Windows 2000 floppy disk, following the procedure outlined earlier in the section "Creating a Boot Disk," and edit the Boot.ini file on it to point to the SCSI address of the recovery drive.

When a system failure occurs, simply cable the recovery drive to the server and boot from the boot disk that points to the recovery drive. If the recovery drive has sufficient user accounts and software to keep your system running, you can run off the recovery drive until you can schedule a full-scale repair or replacement of the failed drive. When you are able to take the system down and replace the failed drive, all you need to do is restore your backup tape to it and restart the server. You can even do the restore in the background while you continue to run off the recovery drive if necessary.



Microsoft Windows 2000 Server Administrator's Companion, Vol. 1
Microsoft Windows 2000 Server Administrators Companion (IT-Administrators Companion)
ISBN: 1572318198
EAN: 2147483647
Year: 2000
Pages: 366

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net