These are from the Backup Exec for Windows NT training manual. This
can be very useful in a DR.
Tony Kenney
Seagate Software, Inc.
Preparing a Disaster Recovery Plan
It is an unfortunate fact of life that network systems do crash
occasionally. In the event of a disaster, stress levels can be
reduced and mistakes can be prevented by planning for disaster
recovery before the disaster occurs.
Disaster preparation planning is the implementation of strategies and
procedures which will minimize damage in the event a catastrophe
destroys data. While things can be done to minimize the effects of
this type of occurrence (surge protectors, password protection, RAID
arrays, etc.), there is nothing that can safeguard data 100%.
Key Elements of a Disaster Preparation Plan
The purpose of a Disaster Preparation Plan (DPP) is to be able to
return to an operational status as soon as possible. The DPP put in
place with a backup system (Backup Exec) should be tailored to the
specific system environment. While environments will vary in
different organizations, there are five elements which should be
covered to have a comprehensive DPP:
· Hardware protection
· The ability to maintain business operations during a disaster
period
· A sound backup strategy
· Offsite storage of backup media
· Effective DPP management.
Hardware Protection
The hardware devices on the network (CPUs, drives, video) are
susceptible to damage from many disaster situations. The investment
in Uninterruptible Power Supplies (UPS) on file servers, surge
protectors, and security monitoring devices could be justified many
times over in the event of a disaster.
Offsite Storage of Backup Media
It is imperative that backed up data be moved offsite regularly. If
something were to happen to the facility, all the backup media would
not be destroyed. Depending upon the importance of the data, there
may be several offsite storage facilities. There are companies which
provide offsite storage services and will pick up and deliver media
when they are to be rotated.
Notes
Effective DPP Management
Creating a Disaster Preparation Plan is the same as planning emergency
procedures for a fire, and it is done for the same reason _ not
because fires or system failures are viewed as inevitable but because
the reality is that fires and system crashes do happen.
Document everything. What seems obvious now while a procedure is
being created may not seem at all obvious six months or a year from
now when the plan suddenly has to be implemented.
Keep copies of the current version of the DPP in several places so
they can be accessed no matter what the emergency. Then keep the
procedures up to date! This seems like an obvious point to make, but
keeping procedures up to date is actually not that easy to do.
Systems change over time, and the procedures to recover them have to
change as well. When the Windows NT server won't boot _ which defines
an emergency for most system administrators _ pull out the DPP and
follow it step by step. The DPP will be a welcome asset to any
administrator.
Notes
Disaster Preparation of a Basic NT Server
The important thing to keep in mind about recovery procedures is to
take a minimalist approach; always try the least invasive and least
drastic steps first. If they succeed, then the greatest amount of
information will be recovered with the least amount of impact on the
users and the network _ which, of course, is the point of the recovery
effort. The following sections are arranged in order from least
drastic action to the most drastic action.
The Last Known Good Menu
Changes to the system can inadvertently create a configuration which
does not allow the system to boot. The easiest and usually the best
recovery tool in this situation is available when the rebooting
process begins. There will be a message which reads:
"Press spacebar NOW to invoke Hardware Profile/Last Known Good menu"
Pressing the spacebar will present a menu of possible login choices
which, in many cases, simply bypasses that last, ill-advised change.
But be forewarned: any changes made to the system since the
configuration was last saved will be eliminated. This may be a
problem if it is necessary to go back to the original configuration,
which is always one of the options. In addition, many changes made to
the system will not be reflected in this recovery option, so there
might not always be a good configuration to go back to. Even if there
is a change which is captured by the system as an option, there might
still be problems. When there is a successful login to a system after
a configuration change, Windows NT Server assumes the configuration is
good _ and it might not be.
Hardware Profile Copy
Before making a major hardware change create a new hardware profile
that is a copy of the current hardware profile. Then boot into the
new profile, and make the necessary changes. If something doesn't
work, it is possible to return to the previous configuration.
To create a copy of the current hardware profile and make that the
preferred boot option, follow these steps:
1. Right click the My Computer icon.
2. Choose Properties to bring up the System Properties dialog box.
3. Click the Hardware Profiles tab to bring up the dialog box.
4. Select the current hardware profile, and click copy. Type the name
for the new configuration in the To text box.
5. To make the new profile the preferred boot option, select it, and
then click the upward-pointing arrow next to the list box to move the
new hardware profile to the top of the box.
6. Decide whether Windows NT is to choose the new hardware profile
automatically (after a delay) during bootup, or if the system should
wait indefinitely until the hardware profile is chosen by selecting
the appropriate option.
7. Click OK. The new configuration will be saved, and the startup
options will be set.
Emergency Repair Disk
When Windows NT Server is installed, the installation program prompts
to create and Emergency Repair Disk (ERD). Even if the ERD was
created, it is only useful if it is kept current. Most systems are
the products of a constant evolutionary process; the ERD will be
helpful in a disaster situation only if the information about the
current setup is stored on it.
So exactly what is on the ERD? The files on the ERD are the hives of
the registry, along with copies of the MS-DOS subsystem initialization
files (AUTOEXEC.NT and CONFIG.NT) and the Security Account Manager
(SAM) database. Whenever a major change is made to the system, make a
fresh copy of the ERD before and after the change is made. This
provides a fallback position if something goes wrong. When something
doesn't work right, the previous configuration can be restored
quickly.
What is a major change? Adding, removing, or otherwise modifying the
hard drives or their partitions, file systems, configurations, and so
forth. For example, any time the hard drive configuration is changed,
make a fresh ERD before and after the change. The addition of a new
component to the server, such as Microsoft Exchange Server or
Microsoft SQL Server, and changes from Control Panel are also
situations in which the ERD should be refreshed both before and after
the change.
Also keep in mind it is good to have a backup of the ERD; always keep
an ERD from at least one generation back. When creating a fresh ERD,
use a floppy disk which can be reformatted, because RDISK.EXE, the
program which creates the ERD, always formats the floppy disk. To
create the ERD, follow these steps:
1. Insert a disk into the A: drive
2. Choose Run from the Start menu.
3. Type rdisk, and click OK to bring up the Repair Disk Utility dialog
box.
4. Click Update Repair Info to bring up the confirmation dialog box.
Click Yes to update the repair information. Running rdisk will
overwrite any previously saved information. When updating after a
major change, skip this step until the change has been verified as
stable and desirable. Click No to skip.
5. After the repair information has been updated, the system will
prompt to create an Emergency Repair Disk. Click Yes to make the
disk.
6. Store the disk in a safe and secure place.
To backup the user account and file security, run rdisk with the /S
switch instead of running rdisk alone in step 3. This will bypass the
initial screen and its confirmation step and go directly to the update
of the repair directory information. After the current configuration
has been saved, there will be a prompt to make the ERD. With the
freshly formatted disk in the A: drive, select Yes; then click OK.
The information will be saved on the floppy disk.
Note: the Emergency Repair Disk is a useful and necessary tool, it is
NOT a bootable disk. Nor is there room on it for both the boot files
and the repair information files.
Emergency Boot Disk
If the system will not boot, use the initial installation disks to
boot it or use an Emergency Boot Disk, which, in many situations, will
get the system up and running substantially quicker. Use the
emergency boot floppy disk to boot from and get directly into the
existing Windows NT partition, even if a critical file in the system
partition has been deleted or corrupted.
Note: the boot disk is NOT generic for every Windows NT Server
machine. If there is a fairly standard configuration across several
machines, this disk will work, for example, for all machines which use
the same partition and disk controller as their Windows NT boot
partition.
Creating a Windows NT Boot Floppy Disk: x86 Version
Insert a floppy disk into the A: drive; then from the command line or
from Explorer, format the floppy disk. This floppy disk must be
formatted under Windows NT. After the disk is formatted, copy the
following files on to the floppy disk from the root directory of the
system partition:
· NTLDR
· NTDETECT.COM
· NTBOOTDD.SYS (if present)
· BOOT.INI
The file NTBOOTDD.SYS will be present only if there is a SCSI
controller which does not use its BIOS to control the boot process.
If NTBOOTDD.SYS is not on the boot partition, it is not needed.
Creating a Windows NT Boot Floppy Disk: RISC Version
To create a Windows NT boot floppy disk for RISC based machines,
follow the same procedure for x86 based computers except a different
set of files will need to be copied from the root directory to the
floppy disk:
· OSLOADER.EXE
· HAL.DLL
On RISC based systems, the information stored in nonvolatile RAM is
the equivalent of the information stored in the BOOT.INI file on an
x86 based computer. It will be necessary to modify the boot selection
menu to add an option which will point to the floppy disk. The
Advanced RISC Computing (ARC) name used for the SYSTEM-PARTITION on
the floppy disk is:
scsi(0)disk(0)fdisk(0)
Set the necessary values for:
· OSLOADER: the pointer to the floppy drive which was just created
· OSLOADPARTITION: the primary partition (unless there are mirrored
boot partitions, in which case point to the secondary mirror
partition).
· OSLOADFILENAME: the path to the \SYSTEMROOT directory.
Emergency Boot Disk for a Mirrored Boot Partition
To create an emergency boot floppy disk, follow the procedure outlined
in the preceding section but add one more step. For an Intel x86
processor, edit the BOOT.INI file on the floppy disk to change the ARC
name on the boot partition so that it points to the secondary mirror
partition rather than to the primary boot partition. For example, if
there are a pair of Adaptec 2940 adapters and duplexed boot drives
using the SCSI BIOS to boot off the primary partition on the first
hard disk, there might be a line like this in the BOOT.INI:
multi(0)disk(0)rdisk(0)partition(1)\NTS40="Windows NT Server"
The line needs to be changed to read as follows:
multi(1)disk(0)rdisk(0)partition(4)\NTS40="Windows NT Server"
Disaster Recovery of a Basic NT Server
These procedures detail a complete restoration of the Windows NT
operating system and are helpful in the following instances:
· The Emergency Repair Disks cannot revive Windows NT back to an
acceptable state.
· An unrecoverable hard drive error has occurred which required
reformatting of the disk containing the Windows NT operating system.
· Replacing the hard drive containing the Windows NT operating
system.
Single Computer Procedure
This procedure requires that a tape drive is attached to the computer
to be recovered. The needed items are:
· A current full backup of the system and any subsequent
incremental/differential backups.
· The Windows NT installation disks/CD.
· The Backup Exec for Windows NT installation disks/CD.
Follow these steps:
1. Reinstall Windows NT. This Windows NT installation will be
overwritten by the backed up version. If recovering from an entire
hard disk failure, enable Windows NT setup to partition and format the
new disk. Format the partitions with the same File System as before
the failure.
2. Install Backup Exec for Windows NT.
Note: Always log in to Windows NT using the Administrator account (or
an Administrator equivalent) during this procedure.
3. Using Windows NT setup, install the appropriate tape driver for the
attached tape drive.
4. Shutdown and restart the computer (to load the tape driver).
5. Start Backup Exec.
6. Insert the latest full backup tape of the computer to be recovered
and fully catalog it. If the subsequent differential/incremental
backups are on different tapes, those also need to be cataloged.
7. Select all sets from the full and incremental backups which contain
logical drives on the hard disk. If differential backup sets are to
be restored, only the last differential set (the newest) needs to be
selected.
8. Click Restore. Select the "Restore Registry" switch and ensure
that the "Restore to Drive:" field is correct. If the target drive is
an NTFS partition, select the "Restore File Permissions" switch. If
more than one set is being restored, scroll through each of the backup
sets and select the same switches (if only one set was selected, no
scroll bar will appear). While scrolling through the sets, ensure
that the sets are in chronological order (oldest to newest) with the
full backup set first.
9. Click OK to start the restore. If prompted to restore over
existing data, select "Yes To All".
10. Shutdown and restart the computer.
11. If there are any file names starting with REG or USE followed by
five alphanumeric digits (e.g., REG84E64, USE491HD.log, etc.) left in
the \WinNT\System32\Config directory, they can be deleted now.
The recovery procedure is now complete.
Remote Computer Procedure
This remote procedure uses Backup Exec over a network to revive a
Windows NT computer. This procedure requires that Backup Exec for
Windows NT is running on a Windows NT computer with an attached tape
drive (backup computer) and is networked with the Windows NTs (remote)
computer to be recovered. The needed items are:
· A current full backup of the computer to be recovered and any
subsequent incremental/differential backups.
· The Windows NT installation disks/CD.
Note: Always log in to Windows NT using the Administrator account (or
an Administrator equivalent) during this procedure.
Follow this step on the remote computer to be recovered:
1. Reinstall Windows NT - This Windows NT installation will be
overwritten by the backed up version. If recovering from an entire
hard disk failure, enable Windows NT setup to partition and format the
new disk. Format the partitions with the same file systems as before
the failure.
Follow these steps on the backup Windows NT computer:
1. Start Backup Exec for Windows NT.
2. Insert the latest full backup tape of the computer to be recovered
and fully catalog it. If the subsequent differential/incremental
backups are on different tapes, insert now and fully catalog those
also.
3. Select all sets from the full and incremental backups which contain
logical drives from the hard disk. If differential backup sets are to
be restored, only the last differential set (the newest) needs to be
selected.
4. Connect a Network Drive to the administrative share of the computer
to be recovered (e.g., C$) using the Administrator account on the
computer to be recovered. If more than one logical drive is being
restored, connect Network Drivers to the administrative shares of
these drives also. To connect to a user created share, it must be
shared at the root directory of the drive and have full access
permissions.
To connect to an administrative share in Backup Exec:
a. Under the Operations menu, select Connect Network Drive.
b. In the "Path:" field, type in the computer name and the
administrative share name of the computer to be recovered, (e.g.,
\\ComputerName\C$).
c. In the "Connect As:" field, type in "Administrator".
d. Click OK.
e. If prompted, type in the password of the Administrator account for
the computer to be recovered.
Note: On Administrative shares, Windows NT creates an administrative
share for each local drive on the computer during bootup. The names
of these shares are simply the drive letter and a dollar sign (e.g.,
C$, D$, E$, etc.). Each of these are shared at the root directory of
their respective drive. For security purposes, only members of the
Administrators or Backup Operators group may attach to these shares.
These shares are not shown in the "Connect Network Drive" window in
Backup Exec or File Manager, so the name of the computer and share
name in the "Path" field (e.g., \\ComputerName\C$) must be typed in
manually.
5. Click Restore. Select the correct Network Drive in the "Restore to
Drive:" field and ensure the "Restore Registry" switch is NOT
selected. If the target drive is an NTFS partition, select the
"Restore File Permissions" switch. If more than one set is being
restored, scroll through each of the backup sets and select the same
switches (if only one set was selected, no scroll bar will appear).
While scrolling through the sets, ensure that the sets are in
chronological order (oldest to newest) with the full backup set
first.
6. Click OK to start the restore. If prompted to restore over
existing data, select "Yes to All".
Follow this step on the remote computer to be recovered:
1. When the restore has completed, shutdown and restart the computer.
Follow these steps on the backup Windows NT computer:
1. Using the same full and incremental/differential backup sets which
were just restored, select ONLY the \WinNT\System32\Config directory
from each set which contains the active Windows NT operating system.
2. Press Restore. Select the "Restore Registry" switch and the
correct Network Drive in the "Restore to Drive:" field. If the target
drive is an NTFS partition, select the "Restore File Permissions"
switch. If more than one set is being restored, scroll through each
of the other backup sets and select the same switches (if only one set
was selected, no scroll bar will appear). While scrolling through the
sets, ensure that the sets are in chronological order (oldest to
newest) with the full backup set first.
3. Press OK to start the restore. If prompted to restore over
existing data, select "Yes to All".
Follow these steps on the remote computer to be recovered:
1. Shutdown and restart the computer once the restore has completed.
2. If there are any file names starting with REG or USE followed by
five alphanumeric digits (e.g., REG84E64, USE491HD.log) left in the
\WinNT\System32\Config directory, delete them now.
The recovery procedure is now complete.
Double Boot Explanation
When Backup Exec restores open files, it restores them as file names
starting with USE followed by five alphanumeric digits. Then a call
is made to the operating system to rename these files to their "real"
names at the next bootup (this instruction is stored in the registry).
When Registry files are restored, restored file names start with REG
followed by five alphanumeric digits and the operating system is told
to rename these files at the next bootup. If open files and registry
files are restored at the same time, an additional call is made to
attach the list of files to be renamed at bootup to the newly restored
registry. When the registry files are switched at bootup, Windows NT
will not 'forget' to rename the other open files during the bootup
sequence. This process works during local restores. However, during
remote restores, the call for Windows NT to attach the list of open
files to the newly restored registry on the remote computer fails, and
the computer 'forgets' to rename the files at the next bootup. For
this reason, the remote restore is split into two operations:
· Restore the open files
· Restore the Registry files
How to Restore a Backup to a Computer with Different Bootable
Hardware
This section explains how to restore a tape backup from one computer
to another computer with different bootable hardware, and maintain
user accounts and working environment. This procedure may be needed
if there is no backup domain controller, or fault tolerance
implementation on the network, and the primary domain controller is
down for some time. When restoring to a different computer there may
be problems, due to hardware differences between the two computers.
To restore a tape backup from one computer to another computer with
different hardware, and maintain user accounts and working
environment:
1. A backup of the original computer is required to proceed with the
restore operation. The media should contain a backup of the registry
and all other files to be restored.
2. Partition and drive information should be the same as the original
computer. However, the primary partition should be a FAT partition
and initially Windows NT should be installed onto a FAT partition (it
can be converted later). Use the same computer name and domain name
as the computer being replaced.
3. Restore the % SystemRoot%\system32\config directory. Exclude tthe
SYSTEM.* files from the restore job. Make sure the "Restore Registry"
option is checked (enabled).
Note: To remove hardware specific information, the SYSTEM.* files
must not be restored.
4. Reboot the computer and make sure everything is functioning in
Windows NT. When the system restarts, user accounts should be in
place.
5. If using TCP/IP with DHCP and/or WINS, the
%SystemRoot%\SYSTEM32\DHCP and the %SystemRoot%\SYSTEM32\WINS
directories can be restored. It may be necessary to reestablish the
DHCP scope.
6. The %SystemRoot%\SYSTEM32\SPOOL and %SystemRoot%\SYSTEM32\REPL
directories can now be restored. If TCP/IP printing was being used,
printer queues will have to be recreated and IP addresses reassigned.
7. Convert to NTFS if the original install was NTFS. To replace data
with permissions the system must be converted to NTFS. To convert the
file system to NTFS, type the following from the MS-DOS Command
Prompt:
convert, drive letter. fs:ntfs
8. Restore the user data.
Notes
|