Bacula-users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Bacula-users] VSS Windows Backups

2010-02-15 16:03:01
Subject: Re: [Bacula-users] VSS Windows Backups
From: Arno Lehmann <al AT its-lehmann DOT de>
To: "bacula-users AT lists.sourceforge DOT net" <bacula-users AT lists.sourceforge DOT net>
Date: Mon, 15 Feb 2010 21:59:59 +0100 
Hi,

15.02.2010 21:28, Joseph L. Casale wrote:
>> I tend to disagree - but I admit you seem to know what you're talking 
>> about :-)
> 
> I tend to disagree with that:) Heh...
> 
>> Anyway, my scenario in more detail - I'd be happy to see any hidden 
>> pitfalls!
>> Use a secondary windows /typically PE-based) to boot. Create the 
>> partitions you originally had on the system in question (I'm aware of 
>> Server 2k8's service partition...)
>> Assign drive letters as before, and format as before.
>> Start FD, and restore a complete backup to it's original location.
>> Make sure you've got the partitions activated, boot loader in place, etc.
>> Reboot the restored system.
> 
> Ok, if the server is a dc, once it restarts you just caused a USN Rollback.

Hmm... I'd need to look that up in detail, but it shouldn't disturb 
anything. Newer data, as far as I know, should not be affected at least.

> Don't do that this way, use the method I outlined, and use OE provided tools
> like dcpromo and ntdsutil to cleanup after yourself.

Those are steps I included below - "you next apply the system state 
backup you - hopefully - captured during your regular backups, 
following Microsoft's procedures."

> If the server was an Exchange server, you probably just casued other AD 
> related
> issues, things aren't always simple, exchange is tied to ad heavily. It's not
> a postfix daemon with 3-4 text files.

I admit I haven't tried this with Exchange in the system - I never 
needed to :-)

>> Both theory and my experience tell me that you'll end up with a 
>> complete windows, happily running where it was backed up.
>> For sanity#s sake, you next apply the system state backup you - 
>> hopefully - captured during your regular backups, following 
>> Microsoft's procedures.
>>
>> After three reboots, you should have your system in a consistent, 
>> mostly up-to-date state.
> 
> Maybe, depends on what it was doing before... Remember, hardly anything
> in Windows (unlike Linux) is just a txt file:) Windows networks in the
> simplest form are fairly complex with the "complexity" hidden from the
> casual admin. A single server setup at a company of 4 users probably
> _is_ simple. A multi DC infrastructure w/ Exchange, Sharepoint and other
> application servers distributed or not, is _not_ simple.

Fortunately, Windows' AD is quite resistant against the procedures 
outlined - in most complex cases, you won't see your restored data 
becoming "active" immediately, but rather have to manually use some 
tool to eventually decide what to do - make the restored information 
authoritative again, just joind the domain as secondary server, 
syncronize with the other AD servers and manually make a selected set 
of restored data authoritative... there are lots of options, and - as 
you point out - it's quite important to actually read Microsofts 
documentation, find the procedures you'll need, go through them in a 
test environment, and clearly document what you have to do in case of 
disaster.

>> Be aware that some applications - typically everything based on 
>> databases - may require additional steps, for example to replay 
>> transaction logs written and backed up after the last regular back up.
> 
> Well some errors can't be fixed after easily.

But those are the domain of the responsible application administrator :-)

>> That alone can be a problem - only identifying everything you had 
>> before requires a full-blown configuration and deployment management 
>> system, in my experience :-(
> 
> Well, now we digress. Hypothetically speaking, this said admin is incharge
> of the Enterprise's DR without this knowledge? Huh...

Yup. Not even hypothetically speaking here :-) Fortunately, most of my 
customers who run windows domains either
a) have the needed knowledge in their company, or
b) don't care enough about all that to require me to provide detailed 
solutions to all those problems.
(That's why I have to know only a bit of that stuff.)

>>> then add in only
>>> applicable data.
>> This is even worse (though getting better at least with Microsoft's 
>> applications) as it's really hard to determine wat is "applicable data".
> 
> Well, what can I say, you gotta know what you're doing:) technet/msdn are
> great resources, and nothing beats lab'ing up a procedure to validate!

Right, but what I experience - especially with smaller organizations - 
is that they run a windows domain completely managed with Microsoft's 
wizards, and when they actually need to restore anything they hardly 
know which application it belongs to. Don't even ask if they know how 
to, for example, restore an Exchange mailbox or something related to 
Sharepoint services...

>>> You are *will* break all sorts of things pulling the rug
>>> out from under complicated applications like AD/Exchange etc...
>> True, but with the combination of VSS and system state backup / 
>> restore plus the things you (should) know about managing AD you get to 
>> an up-to-date, restored, system quite quickly - much faster than 
>> reinstalling tons of applications, updates, patches, service packs, 
>> bug fixes and the like one by one.
> 
> Well, wrt to AD, you just can't do some things that way w/o breaking it
> all, severely!

There are different levels of breaking things, ...

> Remember, FOSS isn't the only software you get to keep the
> pieces if you break it:)

... and, for those Microsofts products where I tried it, I found that, 
fortunately, you actually keep the pieces - you've only got to know 
how to re-assemble them :-)

> The OP would be most inclined to read technet,
> document, then validate.

Indeed. Plan to spend at least two weeks with that - and that's 
another problem for smaller businesses.

> DR w/o validation is barely any better than no
> DR at all IMHO.

Definitely.

Cheers,

Arno

>> Thanks for your insight!
> 
> And yours!
> jlc
> 
> ------------------------------------------------------------------------------
> SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
> Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
> http://p.sf.net/sfu/solaris-dev2dev
> _______________________________________________
> Bacula-users mailing list
> Bacula-users AT lists.sourceforge DOT net
> https://lists.sourceforge.net/lists/listinfo/bacula-users
> 

-- 
Arno Lehmann
IT-Service Lehmann
Sandstr. 6, 49080 Osnabrück
www.its-lehmann.de

------------------------------------------------------------------------------
SOLARIS 10 is the OS for Data Centers - provides features such as DTrace,
Predictive Self Healing and Award Winning ZFS. Get Solaris 10 NOW
http://p.sf.net/sfu/solaris-dev2dev
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Bacula-users] Cancelled job volume still showing "Full", Timo Neuvonen
Next by Date:  Re: [Bacula-users] Cancelled job volume still showing "Full", Alan Brown
Previous by Thread:  Re: [Bacula-users] VSS Windows Backups, Joseph L. Casale
Next by Thread:  Re: [Bacula-users] VSS Windows Backups, Henrik Johansen
Indexes:  [Date] [Thread] [Top] [All Lists]