Managing and Maintaining a Microsoft Windows Server 2003 Environment.
Study Guide
5. Managing and Implementing Disaster Recovery
To backup files use the Backup GUI tool in Accessories\System Tools or
alternatively, grapple with command line tool - ntbackup.exe. Bizarrely,
you cannot use the command line ntbackup to restore files. Also, you can manage media for backup using Computer Management.
Types of backup: normal (clears A), incremental (uses A, clears A), differential
(uses A, leaves A), copy, daily (based on changes since midnight).
To perform a backup you should be a member of the Administrators or Backup
Operators group or you should be the owner of a file or folder and have at least
one of permissions: read, read and execute, modify, full control.
You can manage media only as a member of Administrators group.
You can schedule backup: daily, weekly, monthly, once, at system startup, at
logon, when idle.
Locations to restore: original location, alternate location, single folder.
Media pools: unrecognized (blank and foreign format), free (newly formatted),
backup (written), import (not catalogued on the local disk)
- Safe Mode - F8 on startup
- Driver Rollback - Device Manager
- Last Known Good
Configuration
- Recovery Console. Boot from CD, look out for R= Repair.
Alternatively, install the recovery console with winnt32 /cmdcons.
Where a device is not working properly, try: Uninstall Device and Scan for hardware changes.
System Information under Accessories, System Tools can be used to view signed drivers (and
much more information). If you prefer, try winmsd from the command line, also
try Run, Sigverif.
System State
- Registry
- COM+ Class Registration Database
- Boot files (boot.ini, ntdetect.com, ntldr, bootsect.dos, ntbootdd.sys)
- System files protected by the Windows File Protection service
- Certificate Services database on a certificate server,
- AD and the Sysvol folder on a domain controller,
- Cluster service information on a cluster server, IIS metabase if IIS is
installed.
Note:
You cannot backup individual components of the System State. Nor can you backup
the System State remotely.
To restore System State on a domain controller use Directory Services Restore
Mode.
Authoritative restore of AD and Sysvol folder replicates objects from the
restored domain controller to its replication partners. It increases the
USN (update sequence number by a huge number). You need to be an expert on
LDAP and NTDSUTIL to do this for real.
Non-authoritative (normal) restore of AD and Sysvol folder restarts the domain controller
into normal operational status.
You must perform non-authoritative restore before you perform an authoritative
one.
ASR (RDISK in NT 4.0)
If you want to create ASR set and you do not have floppy drive, you can copy
files (asr.sif and asrpnp.sif) from %Systemroot%\repair folder on the system to
another computer.
To perform ASR you need: Windows Server 2003 CD, ASR backup set, ASR floppy
disk.
ASR disk can be restored from ASR set.
Suppose a user wishes to recover yesterday's version of their word document.
How much would it cost to restore that one file a user? If you implement
Shadow Copy, then the user can recover the file themselves at no cost to you.
You can configure Shadow Copy by right clicking the root of any volume, properties.
It only works on folders that are shared. Best practice is to move the
'Shadow to another partition. You need a minimum of 100MB available for the system to create shadow copies.
The
default timing for Shadow Copy is twice a day. This frequency should be
adequate, and certainly do not schedule the shadow copies for more than once
every two hours. The reason for this recommendation is that
there is a limit of 64 shadow copies before the first one gets overwritten.
So you do not want copies to disappear too soon.
The key point to remember with Shadow Copy is that it operates on shares and
not all folders.
It also follows that the XP machines need a TWClient (Shadow Copy Client), so
firstly, share out this folder:
%SystemRoot%\system32\clients\twclient
'Previous version' tab of shared folder Properties is visible only if you use UNC
to connect to the file share.
RAID-1 recovery: correct I/O error and Reactivate Volume or Reactivate Disk.
RAID-5 recovery: if the drive is returned to service, you may need to rescan and
then Reactivate Volume; else you must replace the disk, initialize it, convert
to dynamic, and choose Repair Volume.
Options of recovery: data loss or corruption in shared folder � use VSS, driver
updates resulting instability � use driver Rollback (except printers) or disable
a device causing instability, driver or service installation or update resulting
in the inability to start OS � Last Known Good Configuration (else try Safe Mode
or Recovery Console), failure of the disk subsystem � reconfigure RAID or
restore backup to new disk.
 Windows
Server 2008 Enterprise Admin
Train Signal have an excellent Windows Server 2008 course. You get over 70
hrs instruction with Ed Liberman and Ben "Coach" Culbertson. Try their
step-by-step videos and master Windows Server 2008 Enterprise Admin.
The package includes the Transcender exams, which are the key to gaining the
coverted Microsoft Certified IT Professional certification. However, the
course also builds practical experience so that you can manage your network
effectively once you complete the course.
Watch a Demo of Train Signal's MCITP course
|
