Hack 92 Back Up System State on Remote Machines


let's you use the Backup utility to perform a
network backup of System State information on remote
computers.The term System State is used in Windows 2000 and later to describe
various information used to boot, configure, and run the operating
system. At a minimum, System State consists of the Registry, boot
files, the COM+ class registration database, and any system files
running under Windows File Protection. Servers might have additional
System State information, depending on their role. For example, on a
domain controller, System State also includes the Active Directory
directory service database and the contents of the SYSVOL
directory, but if the domain controller is also a DNS
server, then System State includes the DS-integrated DNS zone data as
well. And if a server is running IIS, then its System State normally
includes the IIS metabase as well [Hack #54].Backing up System State information is critical for recovery from a
disaster, and using the Backup utility, it's easy to
back up the System State of the local machine. From the GUI, simply
start the utility (Accessories
Tools
machine is running Windows Server 2003, switch to the Backup tab,
select the checkbox labeled System State (see Figure 10-2), and configure the remaining backup options
as required. The usual practice is also to back up your boot and
system volumes when you back up System State, to ensure you have
enough information to recover your system after a disaster.
Figure 10-2. Backing up System State on a domain controller

Note that the checkboxes for the various components of System State
are grayed out in Figure 10-2. This is because
System State information is interdependent, so you
can't back up or restore parts of it; you can
restore the System State in its entirety only. After all, it would be
useless to back up the directory service database if you
didn't also back up Registry keys associated with
the service!Backing up System State from the command line is even simpler: just
include the systemstate option in your
ntbackup command. For example, to back up the
System State data to file as D:\backups\101103.bkf
using 10 November 2003 as the name
for your backup job, type the following at a command prompt (or
include it in a batch file):
ntbackup backup systemstate /j "10 November 2003" /f "D:\backups\101103.bkf"
The Windows help documentation says that the Backup utility (and its
command-line equivalent, ntbackup) can be used
only to back up the System State of the local computer. This is
unfortunate, because backing up System State is critical for
server-recovery purposes. It would be nice if you could back up
System State for remote machines over the network, instead of having
to do it locally on each server. Fortunately,
there's a workaround you can use to accomplish this.
It's a two-step process that involves configuring a
backup job locally on the remote machine and then configuring a
network backup to run from your local server that has the tape drive
attached.
Configuring Backup on the Remote Machine
First, go to the remote server
whose
System State you want to back up and log on as a domain administrator
or member of the Backup Operators group for the domain. Create a new
folder on the server and share it using a name like
Sysback; this folder will be used as a temporary
in-transit location for storing a backup of the
server's System State, so configure NTFS permissions
on the folder so that only members of Domain Admins and Backup
Operators have access to it.Now, start the Backup utility on the server and configure it to back
up the System State to file (not tape) so that the backup-job file
(*.bkf) is saved in the Sysback
share you created earlier. Choose the appropriate backup
options and schedule the backup to occur at desired intervals.
Configuring Backup on the Local Machine
Return to your local server (the one with the tape drive attached)
and map a drive to the Sysback share on
the remote server. You
could do this by right-clicking on My Computer and selecting Map
Network Drive, or you could do it from the command line using the
net use command, whichever you prefer.Now, start Backup on the local machine and configure it to include
the mapped drive as part of your backup job. The mapped drive will be
displayed in the Backup utility with a checkbox beside it; just
select the checkbox to back it up. Finish configuring backup options
and schedule your job to run at desired intervals. Now, when the
backup job runs on the local machine, it will back up the System
State of the remote machine as desired, provided you coordinate your
schedules so that the backup job runs first on the remote machine.Of course, you can also use ntbackup to configure
your backup jobs from the command line, if desired. And if Terminal
Services (Remote Desktop in Windows Server 2003)
is running on the remote server, you could configure the remote job
without actually having to walk over to where the remote machine
resides.
Evaluating This Approach
You may or may not want to use this approach to back up the System
State of your remote servers. Local backups (using a tape drive
attached to each server) certainly cost more in terms of hardware and
are more work to administer, but they don't have the
single point-of-failure problem that network backups (using a
centralized backup server with attached tape drive) might experience.
And while network backups can generate considerable network traffic,
by scheduling backups to take place during off hours or by using a
dedicated second LAN, you can minimize this issue. Like most
decisions administrators have to make concerning their networks,
it's a tradeoff.By the way, this hack also shows that you can use the Backup utility
to back up the Registry on remote computerssomething
else Windows help says you
can't do!