Hack 95 Work with Shadow Copies


Server 2003 that lets you save point-in-time copies of your
filesan excellent complement (but not a replacement) for your
regular backup plan.Windows Server 2003 includes a new
feature called the Volume Shadow Copy Service (VSS) that can save
administrators time when users are concerned. When shadow copies are
enabled on an NTFS volume, Windows makes point-in-time shadow copies
(or snapshots) of files on the volume at
predefined intervals. Users can then access these shadow copies to
recover accidentally deleted or overwritten files without requiring
the administrator to intervene to restore these files from backup
media. This feature also allows users to compare current versions of
documents with previous versions, to check for differences without
requiring that users actually save separate versions of these
documents along the way. Either way, administrators are freed from
the hassle of responding to users' requests for
restoring their files from backups, and any time gained nowadays for
the harried network administrator is an asset.On the other hand, implementing shadow copies on file servers is not
a replacement for a regular backup program, because shadow copies are
stored on disk in the same way the original files are stored. So, if
a disk goes on your file server, it could mean that both the original
files and shadow copies might be gone, depending on how
you've configured your file server. Also, shadow
copies are read-only copies and can't be edited
directly. In fact, a shadow copy of a file isn't
really a file at all; it's a block-by-block record
of changes that were made to the file since the last shadow copy was
made. So, to protect your business from data loss, be sure to combine
shadow copies with regular tape backups using the Windows Backup
utility or some third-party product.
Implementing Shadow Copies
Like most successful IT initiatives, implementing shadow copies
starts with good planning. Disk space considerations are a good place
to start, since shadow copies require a minimum of 100 MB of free
space for each volume on which you enable them. That minimum can also
grow quickly, depending on how actively users modify their files and
how aggressively you've scheduled shadow copies to
occur. In fact, even if you only have a few kilobytes of files on
your file server, the first time a shadow copy of a volume is made,
it takes up the full 100 MB space allocated to this feature.By default, the maximum amount of disk space used for shadowing a
volume is 10% of the size of that volume. So, if you shadow a 20 GB
data volume on your file server, up to 2 GB of space will be needed
to store the shadow copies of files on this volume. However, if the
need arises, you can increase this maximum at any time. This is
important, because if the maximum is reached, then shadow copies
start dropping the oldest versions to make room for the new.
|
on a different volume than the one where users' data
files reside, preferably on a different physical drive as well. That
way, you can plan separate disk-space needs for original files and
their copies. However, many administrators don't
realize that if you discover later that your shadow volume is
insufficient and you want to move the shadow copies to a different
volume, doing so causes you to lose all shadow copies of user files.
Backing up the shadow volume in this case and restoring it to the new
volume won't work, because VSS
can't be configured manually to find its copies in a
moved location. To work around this problem, you can store your
shadow copies on a dynamic volume, which you can extend later by
adding free disk space on the same drive or another drive.Also remember that shadow copies are enabled on a per-volume basis.
So, when you enable this feature on a data volume, all shared folders
on that volume will have shadow copies created for files within them.
This is an important issue that is usually not considered in the
planning stage. In fact, this issue should actually be considered
before you even set up your file server in the first place. In other
words, to implement shadow copies effectively, you need to ensure
that shared folders on your file server are grouped together
appropriately onto separate volumes, according to the level of user
activity for those shares. Group together shares within which users
frequently modify files according to how often they modify them:
high-activity shares on one volume, medium activity on another, low
activity on a third. This will help you plan separate shadow-copy
schedules for each volume: frequent copies for high-activity volumes
and infrequent copies for low-activity volumes. If you are planning
on upgrading your Windows 2000 file servers to Windows Server 2003,
consider reorganizing the volumes and shares on your servers as part
of the upgrade process.Configuring shadow copies is basically a three-step process:
configure it on the server, configure it on the client, and educate
users how to use it. The last step is often forgotten from the IT
perspective, because it's not strictly in the
"techie" realm of things, but
it's just as important as the other two steps. For
increased security, shadow copies are disabled on all NTFS volumes
until you enable them on the server. If you're
logged on locally, the easiest way to enable shadow copies is to
right-click on any volume, select Properties, switch to the Shadow
Copies tab, select the volume on which you want to enable shadow
copies, and click Enable (see Figure 10-7).
Figure 10-7. Enabling shadow copies on a volume

Actually, before you enable this feature on a volume,
it's a good idea to first review the default
settings for shadow copies by clicking on the Settings button shown
in Figure 10-7. The default settings store the
shadow copies on the same volume as the one you are enabling, use up
to 10% of the volume to store copies, and make new shadow copies of
files every weekday (Monday through Friday) at 7 a.m. and noon. The
rationale behind the schedule is to save copies before users arrive
at work (when they open their files) and around lunchtime (when they
are halfway through their workday).You can create almost any schedule you want for when shadow copies
should occur, but avoid scheduling it to occur too often (e.g., once
an hour), due to the excessive load it will place on your server.
When planning your schedule, also remember that shadow copies will
save a maximum of 64 different versions of a file before deleting
older versions to make room for new versions. So, if you leave the
default twice-a-day schedule in place, users will be able to restore
a version up to 32 days old. Anything older than that
you'll have to restore from backup for them.Be sure to clearly communicate to users your schedule of when shadow
copies will be made so that they don't rely on this
feature excessively. Users should still consider themselves
responsible for making versioned copies of files they work on and
should view shadow copies only as a tool of last resortjust in
case they accidentally delete a file or overwrite itrather
than something they'll use to save versions of their
work. As administrator, you can also force a shadow copy to occur at
any time; just select the volume and click the Create Now button
shown in Figure 10-7. This can be a useful feature
if there are certain times when user activity is high, such as
year-end finalization of budgets. Instead of modifying your schedule,
you could manually create an extra shadow copy or two during the days
just before the deadline.You might be wondering where shadow copies are
stored on a volume. If you create a new 5,000 MB data volume
E:, enable shadow copies on the volume, and
click Create Now to generate shadow copies immediately (even though
there are not files yet on your volume), then, when you select the
E: drive in My Computer, you should see around
4,900 MB of free space. In other words, shadow copies immediately use
the minimum 100 MB allocated to it the first time they operate. But
your drive is still empty when you open it in Windows Explorer. If
you use Tools
to show hidden files and unhide hidden system files,
you'll see a folder named System Volume Information
that has System and Hidden attributes enabled;
that's where your shadow copies are all stored. This
volume is accessible only to the built-in system account on your
server, not to administrators.Once you've reviewed and modified the shadow-copy
settings for a volume and enabled shadow copies on that volume, your
server begins to save shadow copies of all files stored on the
volume. That includes all files, not just ones
in shared folders on the volume. In other words, even if you modify a
file locally on the volume and the file is stored in a folder that
isn't shared, a shadow copy will still be created
for that file. That way, if you later decide to share the folder for
others to access, a history of versions of files in the folder will
be displayed.In a network environment, where it's not convenient
to log on locally to your file server, you can still enable shadow
copies by using Computer Management. Just open Computer Management on
your administrator workstation, connect to the remote file server,
right-click on the Shared Folders node, and select All
Tasks
|
enabled on the users' client computers. By default,
only Windows Server 2003 has shadow-copy functionality built right
into it; all previous versions of Windows require that special client
software be installed on them before users can use this feature to
access previous versions of files. If your desktop computers are
running Windows XP Professional (the desktop operating system that
most closely integrates with Windows Server 2003 on the back end),
you can install shadow client software on them easily. Just share the
%Systemroot%\System32\clients\twclient\x86
folder on your server, and then instruct users to connect
to this share and double-click on twcli32.msi to
run the Windows Installer File. Alternatively, you could use the
software-installation feature of Group Policy to deploy this feature
automatically to all desktop machines in an organizational unit,
domain, or site. You could even email the installer file to your
users, along with instructions on how to install and use it.If your desktops are running Windows 2000 Professional (with Service
Pack 3 or later) or Windows 98 Second Edition (SE), you need to
download a different shadow-software client from the Microsoft
Windows Download Center (http://www.microsoft.com/downloads/) and
deploy it by using one of the methods described previously (you also
have to install the same client software on the server). If your
desktops are running Windows NT 4.0 Workstation or Windows Millennium
Edition (ME), then you're out of luck.
Using Shadow Copies
Let's say you've enabled
shadow copies on volume E:
on a Windows Server 2003 file server, and this volume is
used to store users' files in a series of shares
named Budgets, Projects,
and so on. How can a user access previous versions of her files in
these shares, and what actions can she perform on them? Say a user
uses
Start
where servername is the name of the file
server where the Budgets share is located. This will open a window on
the user's desktop, displaying all files stored in
that share.Users can right-click on a particular file in that share, select
Properties, and switch to the Previous Versions tab shown in Figure 10-8. If this tab is missing, then the
user's computer doesn't have the
shadow-copy client software installed.
Figure 10-8. Accessing previous versions of a file using shadow copy client software

All previous point-in-time versions of the selected file are
displayed in this tab (if no previous versions are displayed, the
file hasn't been modified since it was created). The
View, Copy, and Restore buttons enable the user to perform different
tasks with these versions. For example, to view the contents of a
previous version, click View. This is helpful when
you're not sure which previous version is the one in
which you wrote that lovely paragraph but later deleted in a fit of
writer's despair. Once you've found
the previous version of the file you want, you could save it to your
My Documents folder and give it a descriptive name.Alternatively, if you already know which version
you're interested in (such as the most recent
previous version) you could click Copy to copy that version to a
different location. If you're really confident, you
could click Restore to overwrite the current version of the file (the
one you're working with as a user) with the previous
version specified.If you're not even sure which file had that
wonderful paragraph you wrote, but you know it's in
the Budgets share, you could right-click on an empty area within the
open share window, select Properties, and switch to the Previous
Versions tab of the share itself. This displays all previous shadow
copies made of that share and lets you view previous versions of
individual files within the share, copy a previous version of all
files in the share to another location, or roll back all files in the
share to the specified previous version.The bottom line is, when educating users on how to use shadow copies,
tell them to ignore the Restore button and always use View and Copy
instead. One user carelessly restoring an entire shared folder to its
previous version could result in lost work and its accompanying
frustration for other users who have access to the same share. Of
course, if users work only with their own files but store them in the
same share, this might not be an issue, depending on how NTFS
permissions are configured on the shared folder. But if users have
collaborative access to a document, problems can result when using
shadow copies. Of course, such problems can result even without
shadow copies functionality.Here's something else to consider that is often
forgotten: NTFS permissions change differently, depending on whether
you copy a file or move it. So, in the case of shadow copies, if you
restore a previous version of a file, it overwrites the original file
in its original location but maintains the same NTFS permissions as
the original file. But if you copy a previous version of a file to a
different location on your drive, the copy inherits the permissions
of the folder you copy it to.
Traps
In addition to poor planning and scheduling, resulting in
insufficient disk space, there are a few other things you need to
watch out for when implementing shadow copies. The first thing has to
do with the block-based mechanism by which the VSS makes copies of
changes made to files. If the filesystem cluster size is smaller than
this block size, some of your shadow copies might disappear when you
defragment your volume using the built-in Disk Defragmenter node in
Computer Management. To prevent this from happening, always ensure
that volumes on which shadow copies are stored have cluster sizes of
16 KB or greater. By default, on Windows Server 2003, any volumes
larger than 2 GB will have a cluster size of only 4 KB, which is
insufficient.To solve this problem, when you format the volume, specify an
allocation unit size of 16 KB instead using either Disk Management or
the /a switch with the format
command. On large volumes, you could use even higher cluster sizes of
32 or 64 KB. But if the volume will be used to store many small
files, this can result in much wasted space on your drive. So, 16 KB
is probably the optimal solution in most cases.If you upgraded your server from Windows NT 4.0 Server and the volume
was converted from FAT to NTFS by using the
convert command, you're out of
luck. Because convert always uses an allocation
unit size of 512 bytes to optimally align with FAT filesystem
boundaries, don't use a converted volume for storing
shadow copies on a server. However, if your machine was previously
running Windows 2000 Server, you might be in luck, because that
platform allowed you to format FAT volumes with larger cluster sizes.Here are some other things to watch for:Don't enable shadow copies on a volume that has
mount points on it. A mount point (or
mounted drive) is a special volume that is
attached to an empty folder on an NTFS volume. In other words, a
mount point named Data could be attached to the
folder E:\Stuff if volume E:
is formatted using NTFS. In Windows Explorer,
Data would appear just like any other volume,
and mount points would therefore provide a way to get around the
26-letter limit for naming volumes using drive letters. The problem
is that mount points are not included when shadowed copies are made
for a volume, which means that files stored in these mounted drives
will not have previous versions accessible to users. Also, if you
share a mount point that's located on a volume that
has shadow copies enabled, users won't be able to
access previous versions of files in the folder attached to the mount
point. So, it's best to avoid mount points entirely
on shadowed volumes.Avoid using shadow copies on dual-boot configurations, where Windows
Server 2003 and some earlier operating system such as Windows NT 4.0
Server are installed on the same machine. Corruption of shadow copies
has been known to occur in such scenarios.Best practice is usually to enable shadow copies on any volume where
data files are stored, because the enhanced Backup utility included
with Windows Server 2003 can back up open files on a volume on which
shadow copies are enabled. That means that if users leave files open
on their machines at night, the files can still be backed up instead
of being locked and prevented from being backed up as in previous
versions of Windows Backup. In this kind of scenario, it might be a
good idea to schedule additional shadow copies to occur an hour or so
before Backup is scheduled to run. You can also turn backing up of
shadowed volumes on and off using the /SNAP switch
in ntbackup, the command-line version of the
Backup utility.Don't enable shadow copies on a system or boot
volume, because there have been reports of excessive generation of
shadow copies. This causes poor system performance, especially on
domain controllers where the contents of Active Directory is
frequently updated. Programs that create many temporary files on
these volumes can also cause shadow copies to grow quickly and fill
up your volume if you give them enough room to do so, and a system
volume that fills up is one that blue-screens.If you accidentally delete any of the default hidden administrative
shares on your server, you won't be able to enable
shadow copies on any volumes on your machine. Fortunately, Microsoft
has a workaround in such circumstances. Search the Knowledge Base on
Microsoft Product Support Services (PSS) at http://support.microsoft.com for information
on how to restore default administrative shares.Finally, before you delete a volume that has shadow copies enabled on
it, disable shadow copies on the volume. If you
don't, your event log might fill up with ID 7001
error messages, which can be annoying.