Configure Backup and Recovery
The backup technology in Windows Server 2008 also known as Windows Server Backup (WSB) has improved over the previous versions of Windows Server. It no more includes archive bit, full backup, or files based backup. The new backup technology of Windows Server 2008 performs an image based backup because it uses Volume Shadow Copy Service (VSS) for backup. Because the backup is a selective image, it is fast as compared to file-based backups in previous Windows Server versions. This is because the overhead of opening and closing each file to be backed up is not required.
The image backup does not allow blank space, page file, hibernate file, and certain folders to be backed up. The resulting backup file is a .VHD file. In Windows Server 2008 the backup can be taken for entire volumes and individual files and directories cannot be selected for backup. In addition, you can only select local volumes to backup and not the network shares. The WSB allows you to backup the System State Data, data that includes server configuration, and Ntds.dit directory store. All successive backups after the normal backup become fast because only the changed blocks are backed up.
All backups appear full even though only differential backup is taken. The backup restores are also fast because you don’t have to restore file from a combination of multiple backups such as Full + Incremental + Incremental. You can restore specific files from a folder or all the contents of a folder from a backup. You can also backup and recover other VSS applications such as SQL Server 2005 and Exchange Server 2007 because the entire backup is based on the VSS.
Another bonus with Windows Server 2008 backup is the automatic disk space management which ensures that you never run out of disk space because of backup. This is because previous versions of backups are automatically discarded as the backup device fills up. However, a system state backup is not incremental. Therefore, each system state backup requires a similar amount of space.
The WSB does not allow backing up to tapes. You can create backup images on hard disk drives, external USB drives, network shares, or recordable DVDs. The backup feature is not installed in Windows Server 2008 automatically. You need to install the Windows Server Backup, Command-line Tools, and Windows PowerShell items to use backup feature. These items are available in the Add Features Wizard that can be invoked through Server Manager.
To perform backups of AD DS, you must be a member of the Administrators group. However to perform unscheduled backups, you can be a member of the Backup Operators group. To restore a domain controller, you need the Directory Services Restore Mode (DSRM) password.
You can perform an interactive full system backup through command line tool
Wbadmin.exe. To invoke the command, you need to type:
Wbadmin start backup -allcritical -backuptarget: location -quiet
To configure backup in Server 2008, you need to:
- Install Windows Server Backup through Server Manager
- Click Start-> Administrative Tools-> Windows Server Backup. The Windows Server Backup window appears, as shown in Figure 6-1.
- Click Backup Once from the Action menu.
The Backup Once Wizard appears.
- Click Different option from the Backup options page and then click Next. The Select backup configuration page appears, as shown in Figure 6-2.
- Click Full server option if you want to take a complete backup. This is usually recommended if you are taking backup for the first time and then click Next.
The Specify destination type page appears.
- Click Local drives to take the backup on the local drive or Remote shared folder to take backup on a network share and then click Next. The Select backup destination page appears if you have selected Local drives else Specify remote folder page appears.
- Select a drive and then click Next on the Select backup location page or provide shared folder information and then click Next on the Specify remote folder page as per your choice of the destination type.If you have specified the remote folder as a backup destination then provide the path to the shared folder in the Type the path to the shared folder field and then select Do not inherit or Inherit option from Access Control field.The Inherit option provides access to all the people who have access to that folder and do not inherit will allow access to the backup folder to users who can provide user credentials to that folder that match the credentials set in the Provide user credentials for Backup dialog box that appears next.The Specify advanced option page appears.
- Select VSS copy backup (recommended) option and then click Next. The Confirmation page appears.
- Review the selections that you made for backup and then click Backup. The backup process is started.
- Click Close at any time option. This will run the backup in the background and will allow you to view backup progress at any time during the backup. The wizard closes automatically when the backup is complete.
Schedule the Backup
To ensure that you always have the latest backup copy of your AD DS directory, you
- Install Windows Server Backup through Server Manager
- Click Start-> Administrative Tools-> Windows Server Backup. The Windows Server Backup window appears.
- Click Backup Schedule from the Action menu. The Getting Started page of the Backup Schedule Wizard appears, as shown in Figure 6-3.
- Click Next. The Select backup configuration page appears.
- Click Full Server (recommended) option and then click Next. The Specify backup time page appears.
- Specify the backup time on which you want to schedule the backup. You can schedule a backup once a day or more than once a day.
- Click Next. The Select destination disk page appears.
- Select your destination disk, and then click Next.
- Click Yes to confirm that the destination disk will be reformatted. The Label destination disk page appears.
- Click Next. Confirmation page appears.
- Click Next. The Summary page appears.
- Click Finish and then click Close.
The data that you have backed up can only be recovered back through restore. Windows
Server backup in Windows Server 2008 has three recovery modes:
- Full server recovery: This mode recovers the full system on the same server or another server. It not only restores back the system state but reformats and repartitions all disks that are attached to the server. However, you need to be cautious while performing the full server recovery because any existing data that is not included in the backup will be deleted when the recovery process is completed including the volumes that are not included in the backup.
- System state recovery: This recovery mode is also known as nonauthoritative restore of a domain controller. You perform this restore to get back the directory service to a previous date state when the backup was created. After this restore, all the domain controllers of the AD DS domain are also updated with changes that have occurred since the time that the backup was created through Active Directory replication.
- File/folder recovery: This recovery mode is also known as authoritative restore. It is used to recover objects and containers that have been deleted from AD DS.
Full System Recovery or System State Recovery
To perform full server recovery of a domain controller or to perform a nonauthoritative
restore, you need to:
- Insert the Windows Server 2008 installation DVD and follow the installation steps till the Install now screen appears.
- Click Repair your computer. The System Recovery Options page appears.
- Clear the selected operating systems if any and then click Next.
- Click Windows Complete PC Restore under Choose a recovery tool.
- Select the location of the backup on the Select the location of the backup page and then click Next.Alternatively, if the backup is stored on a network shared folder, click Advanced, and then click Search for a backup on the network.
- Click Yes to confirm.
- Type the path of the network folder in Network Folder and then click OK.
- Type the appropriate credentials to restore the backup, and then click OK.
- Click the location of the backup and then click Next on the Select the location of the backup page.
- Select the backup to restore, and then click Next.
- Choose how to restore the backup page by selecting the Format and repartition disks check box, if you want to replace all data on all volumes. Alternatively, click Exclude Disks to prevent volumes that are not included in the restore from being deleted and re-created and then select the check box for the disks that you want to exclude, and then click OK.
- Click Next and then click Finish.
- Select the I confirm that I want to format the disks and restore the backup check box, and then click OK.
You can also performing a full server recovery of a domain controller by using the
command line. To use the command line, you need to:
- Follow the steps from 1-3 of the procedure given above
- Click Command Prompt under Choose a recovery tool.
- Type diskpart, and then press ENTER at the Sources prompt.
- Type list vol, and then press ENTER at the Diskpart prompt.
- Select the volume that contains the full server backup that you want to restore.
- Type exit, and then press ENTER.
- Type the following command at the Sources prompt, and then press ENTER:
wbadmin get versions -backupTarget:<targetDrive>:
<targetDrive>: is the location of the backup that you want to restore and
the <BackupComputerName> is the name of the computer where you want to recover the backup. Use this parameter, if the backup is stored on
a remote computer.
To perform Authoritative restore, you need to:
- Start the domain controller in Directory Services Restore Mode DSRM
- Start the elevated command prompt by right-clicking the command prompt and then selecting Run as Administrator option.
- Restore the desired backup by piping the snapshots displayed into a text file by typing the command:Ntdsutil “activate instance NTDS” snapshot “list all” quit quit > snapshot.txt
- Locate the GUID of the backup that you need to restore in the snapshot.txt file
- Mount the snapshot by typing the snapshot GUID in the following command:Ntdsutil activate instance NTDS snapshot mount <GUID> quit quit