Yep, been there done that MANY times.
But it's version-specific, and I should have pointed that out. YOu need to
be at 3.1.0.7 or above.
When you log on, the contents of NTUSER.DAT (which I call your PROFILE) are
loaded into the HKEY_CURRENT_USER registry key. So TSM backs that up as
part of registry backup. That's why you can do "dsmc regrest user curuser"
on the 3.1 and 3.7 clients to get your profile back. (NOw I realize that
multiple people can be logged on at once, and I'm no windows guru so I don't
know exactly how it determines who is "current", but this does work...)
At 3.1.0.6 and below, when ADSM backed up the registry via the scheduler,
since the scheduler runs under the SYSTEM account, it did not get a back up
of the CURRENT USER key for anyone else who was logged on, and it couldn't
back up their NTUSER.DAT because it's locked. Since our NT WOrkstations
backup via the scheduler during the day, that means we missed backing up the
profiles. We proved it when we were unable to restore some profiles when a
machine died, reported it as a problem, worked with level 2, and found that
we had to put a DSMC REGBACK USER CURUSER in our STARTUP group to make sure
everybody got their own profile backed up while running under their own id.
That workaround is actually documented somewhere, but I don't remember
where.
Now at 3.1.0.7, magically the client acquired the ability to backup the
profiles of everyone who is logged on when the scheduler runs the registry
backup. It was never announced, I found it by accident when I was testing
bare metal restores for Win2K and digging around in adsm.sys. So I
contacted Andy Raiback, who contacted a developer for me and verified that
it's so. You can prove it to yourself by digging around in adsm.sys.
If using the 3.7.2 client, look at:
C:\adsm.sys\Registry\*machine_name*\Users
Match up the timestamps of the files to the time your scheduled backup ran;
you will see there is a directory for each id, and each id that was logged
on at the time of the backup will have a file with a name like:
S-1-5-21-1417001333-436374069-854245398-1000
This is the logical equivalent of NTUSER.DAT. To restore it requires an
extra step, though, and that is probably what caused your problem. When
doing a bare metal restore, you restore the files, then the registry. Then
you reboot. Then you log on under that user's account. Since you don't
have a restored copy of NTUSER.DAT, you will see the default profile. Run
this: dsmc regrest user curuser, which reloads the profile stuff from
adsm.sys into the registry. Then you reboot again, and on the way down it
will write the profile out to NTUSER.DAT again, and you are back in
business. When you come back up, you have your restored/customized profile.
(When you log on, if your NTUSER.DAT file is missing, WIndows creates you a
new one with the default profile. If your NTUSER.DAT is OK, it uses it.)
If using the 4.1.2 client, the names in adsm.sys have changed, and the
backed up user profile for each user is actually called NTUSER.DAT. And you
can't restore individual registry keys. So after you do the bare-metal
restore of files & registry as ADMINISTRATOR, you drag that person's
NTUSER.DAT from the adsm.sys directory back to where it is supposed to be,
before that account logs on again.
There are several things that can go wrong with profiles during a bare-metal
restore. I have some trouble-shooting instructions as part of my bare-metal
restore procedures. I loaded a copy of them to the scripts depot at
www.coderelief.com if you want to pursue this further.
That's probably a lot more than you wanted to know! Most people never run
into this because they are backing up servers, where only administrators log
on and they use the default profile, anyway.
************************************************************************
Wanda Prather
The Johns Hopkins Applied Physics Lab
443-778-8769
wanda_prather AT jhuapl DOT edu
"Intelligence has much less practical application than you'd think" -
Scott Adams/Dilbert
************************************************************************
|
