Chapter Overview

1
Chapter Overview

• Backing Up Your Network
• Backing Up and Restoring Active Directory

2
Backing Up Your Network

• Backups are copies of data, made regularly, that
  let you restore data if a drive fails or is
  damaged.
• Backups are the ultimate fault-tolerance measure.
• A network backup strategy specifies what data is
  backed up, how often, and the type of media used
  to store the backups.
• Backup decisions include hardware, software, and
  the type of backup to be performed.

3
Backup Hardware

• The ideal storage device can store an entire
  backup job on a single tape or other storage
  unit.
• When choosing a storage device for backups,
  consider
• The speed at which the drive writes data
• The cost of the device
• The cost of the media used by the device
• The cost per megabyte

4
Magnetic Tape Drives

• Are the most common hardware device used for
  backups
• Are well suited for backups fast, can hold a
  large volume of data, can be archived
  indefinitely, and have a low cost per megabyte
• Include many different types

• Digital linear tape (DLT)
• Linear tape-open (LTO)

• Quarter-inch cartridge (QIC)
• Digital audio tape (DAT)
• 8 mm

5
Autochangers

• You can use an autochanger to create an automated
  backup solution that provides greater capacity
  than a single drive does.
• Autochangers are sometimes called jukeboxes or
  tape libraries.
• An autochanger contains one or more drives, a
  media array, and a robotic mechanism that swaps
  the media in and out of the drives.
• An autochanger has a higher capacity than a
  single drive.
• The cost of autochangers can be high.

6
Backup Software

• A specialized software product is required to
  address the storage device and send data to it
  for storage.
• Sometimes a backup program is included with an
  operating system, but it usually provides only
  basic functionality.
• When selecting backup software, consider

• Media rotation
• Restoring
• Disaster recovery
• Network backup functions

• Target selection and filtering
• Drive manipulation
• Scheduling
• Logging and cataloging

7
Target Selection and Filtering

• A good backup program lets you easily select what
  you want to back up (the target).
• Most programs use a tree display so you can
  select entire computers, specific drives, or
  individual folders.
• You might not need to back up all of the data on
  a computer every time you perform a backup.
• A good backup program provides a variety of
  filters that let you select targets based on
  various attributes.

8
The Backup Dialog Box in Windows 2000 Backup
9
Full, Incremental, and Differential Backups

• The most basic type of backup job is a full
  backup, which backs up the entire contents of a
  computers drives.
• To save tape and shorten backup time, many
  administrators perform full backups only once a
  week or less frequently.
• During a full backup, the backup software resets
  (that is, removes) the archive bit on all the
  files it copies to tape.
• Between full backups administrators perform
  incremental and differential backups.

10
Full, Incremental, and Differential Backups
(Cont.)

• An incremental backup backs up only the files
  that have changed since the last backup.
• Resets the archive bit on all of the files it
  copies to tape
• Uses the least amount of tape and time to back up
• Takes longer to restore data
• A differential backup backs up only the files
  that have changed since the last full backup.
• Does not reset the archive bit on the files it
  copies to tape
• Uses more tape and time than incremental backups
• Restores data more easily than an incremental
  backup does

11
Drive Manipulation

• Backup software lets you select a backup device
  and prepare to run the job by configuring the
  drive and storage medium.
• Backing up to a tape drive may include
• Formatting a tape
• Supplying a name for the tape
• Specifying whether to append the backed up files
  to the tape or overwrite the tape
• Turning on the drives compression feature

12
Scheduling

• The key to automating backups is being able to
  schedule jobs to execute unattended.
• Ideally, backups are run when the office is
  closed and the network is idle, so all resources
  are available for backup.
• Backup programs use different methods to
  automatically execute backup jobs, but the
  process of scheduling is similar among all
  products.
• You specify whether to execute the job once or
  periodically at a specified time each day, week,
  or month.

13
The Schedule Job Dialog Box in Windows 2000
Backup
14
Logging and Cataloging

• Most backup products maintain a log of the backup
  process.
• You can specify the level of detail for the log.
• You should periodically check the logs.
• Backup programs catalog the files they back up.
• The catalog is a list of every file backed up
  during each job.
• To restore files, you browse the catalog and
  select the files, directories, or drives you want
  to restore.

15
Media Rotation

• Backup tapes are typically reused to save money.
• Use a media rotation scheme so you do not
  inadvertently overwrite a tape you will need
  later.
• There are several common media rotation schemes.
• One of the most common is Grandfather-Father-Son,
  in which
• Backup jobs are run monthly, weekly, and daily
• You have one set of tapes for daily jobs (reused
  every week), a set of weekly tapes (reused every
  month), and a set of monthly tapes (reused every
  year)

16
Restoring

• The ease of locating and restoring files is an
  important feature of any backup software product.
• You must perform periodic test restores from your
  backup tapes to ensure that your backups are
  valid.
• A backup program with a database that lets you
  search for a file makes the job of restoring much
  easier.
• To perform a restore
• 1. Select the desired files, directories, or
  drives, usually from a tree display.
• 2. Specify the location where the selected
  elements should be restored.

17
The Restore Dialog Box in Windows 2000 Backup
18
Disaster Recovery

• If the drive in the computer hosting the backup
  program fails, you may have to completely
  reinstall the operating system and the backup
  software before you can restore data.
• Many backup programs provide a feature that lets
  you create a boot disk to use for disaster
  recovery.
• The disaster recovery feature loads just enough
  of the operating system and backup program to let
  you perform a restore.

19
Network Backup Functions

• Choose a backup program designed for network use,
  not stand-alone, so you can back up other
  computers on the network.
• Fully functional network backup products can back
  up important operating system components, such as
  the Windows registry and directory service
  databases.
• Some network products have add-ons that let you
  back up live databases or computers running other
  operating systems.

20
Lesson Summary

• Magnetic tape is the most popular storage medium
  for backups because it is fast, inexpensive, and
  holds a lot of data.
• An incremental backup
• Backs up only the files that have changed since
  the last backup
• Resets the archive bit on copied files
• A differential backup
• Backs up only the files that have changed since
  the last full backup
• Does not reset the archive bit on copied files
• Network backup software is preferable to programs
  designed for stand-alone systems because it lets
  you back up data on other computers.

21
Backing Up and Restoring Active Directory

• You back up Active Directory data by using the
  Backup Wizard in the Microsoft Windows 2000
  Backup program.
• You must know
• The difference between a nonauthoritative and
  authoritative restore
• How to use the Restore Wizard in the Windows 2000
  Backup program to perform both of these types of
  restores

22
Performing Preliminary Tasks

• Before you perform a backup, ensure that the
  files you want to back up are closed, because
  Windows Backup does not back up files that are
  locked open by applications.
• If you use a removable media device, ensure that
• The backup device is properly installed on the
  computer running Windows Backup
• The media device is listed on the Windows 2000
  Hardware Compatibility List (HCL)
• The media is loaded in the device

23
Using the Backup Wizard

• After completing the preliminary tasks, back up
  Active Directory service by using the Backup
  Wizard in Windows Backup.
• To start the Backup Wizard
• 1. Log on as Administrator.
  2. Click Start, point to Programs,
  point to Accessories, point to System Tools,
  and then click Backup.
  3. In the Backup
  dialog box, click Backup Wizard.

24
The What To Back Up Page in the Backup Wizard
25
The What To Back Up Page in the Backup Wizard
(Cont.)

• To back up Active Directory, select the Only Back
  Up The System State Data option.
• For Microsoft Windows 2000 Server, System State
  data includes the registry, COM Class
  Registration database, system boot files, and
  Certificate Services database.
• If the computer is a domain controller, System
  State data also includes Active Directory and the
  SYSVOL directory.
• When using Windows 2000 Backup, you can only back
  up System State data on the local computer.

26
The Where To Store The Backup Page in the Backup
Wizard

• In this page, specify
• Backup Media Type the target medium to use, such
  as tape or file
• Backup Media Or File Name the name of the tape
  or the path to a file
• Next, specify whether to
• Start the backup now by clicking Finish, or
• Specify advanced backup options

27
The Where To Store The Backup Page in the Backup
Wizard (Cont.)
28
Specifying Advanced Backup Settings

• When you specify advanced backup settings, you
  change the default settings for the current
  backup job only.
• Advanced backup settings include
• Type of Backup Normal, Copy, Incremental,
  Differential, or Daily
• How To Backup with or without verify or hardware
  compression
• Media Options append to tape or overwrite tape
• Backup Label name and description for the job
• When To Back Up now or later job name and start
  date set the backup schedule

29
Scheduling Active Directory Backup Jobs

• You can schedule an Active Directory backup job
  to occur
• Unattended when users are not at work and files
  are closed
• At regular intervals
• Windows 2000 Backup is integrated with the Task
  Scheduler service to enable scheduling backups.
• To schedule a backup, click Later in the When To
  Back Up page in the Backup Wizard.

30
Preparing to Restore Active Directory

• Like the backup process, when you restore Active
  Directory, you restore all of the System State
  datayou cannot restore individual components.
• When restoring the System State data on a domain
  controller, you must choose a nonauthoritative
  restore or an authoritative restore.
• The default is nonauthoritative.

31
Nonauthoritative Restore

• In Nonauthoritative mode, any component of the
  System State data that is replicated with another
  domain controller is brought up to date, by
  replication, after the restore is performed.
• The Active Directory replication system updates
  the restored data with newer data from other
  domain controllers.

32
Authoritative Restore

• If you do not want to replicate the changes made
  since the last backup operation, perform an
  authoritative restore.
• Authoritative restores are commonly used when
  users, groups, or organizational units (OUs) have
  been inadvertently deleted.
• To authoritatively restore Active Directory data
  
  1. Nonauthoritatively restore the
  System State data. 2. Run Ntdsutil.exe to mark
  certain objects as authoritative before you
  restart the server.

33
Performing a Nonauthoritative Restore

• To restore System State data on a domain
  controller, start the computer in Directory
  Services Restore Mode.
• You can restore System State data only on a local
  computer.
• When restoring System State data, if you do not
  designate an alternate location for the restored
  data, Backup
• Erases the System State data that is currently on
  the computer
• Replaces it with the System State data you are
  restoring

34
Using the Restore Wizard

• To nonauthoritatively restore Active Directory
• 1. Restart the computer and then press F8
  during startup.
• 2. Select Directory Services Restore Mode from
  the Windows 2000 Advanced Options menu, and
  then press Enter.
• 3. Select Microsoft Windows 2000 Server, and
  then press Enter.
• 4. Log on as Administrator, using the password
  you provided when you promoted the computer to
  a domain controller.
• 5. Click OK in the Desktop message box.
• 6. From the desktop, click Start, point to
  Programs, point to Accessories, point to System
  Tools, and then click Backup.
• 7. In the Backup dialog box, click Restore
  Wizard.

35
The What To Restore Page in the Restore Wizard
36
Specifying Advanced Restore Settings
37
Performing an Authoritative Restore

• To perform an authoritative restore
• 1. Perform a nonauthoritative restore.
• 2. Run Ntdsutil.exe from a command prompt to
  designate objects to be recognized as
  authoritative with respect to other domain
  controllers configured for replication.
• 3. Restart the domain controller in normal
  mode.
• Replication will
• Bring the restored domain controller up to date
  with any changes that the authoritative restore
  did not override
• Propagate the authoritatively restored objects to
  other domain controllers

38
Additional Tasks for Authoritatively Restoring
the Entire Active Directory Database

• When you authoritatively restore the entire
  Active Directory database, you must copy the
  SYSVOL directory from the alternate location over
  the existing one after the SYSVOL share is
  published.
• When you authoritatively restore a portion of the
  Active Directory database, you must copy the
  policy folders corresponding to the restored
  Policy objects from the alternate location over
  the existing ones after the SYSVOL share is
  published.

39
Lesson Summary

• To back up Active Directory service, back up
  System State data.
• You can only back up and restore System State
  data as a whole.
• When restoring System State data in
  Nonauthoritative mode, any component that is
  replicated with another domain controller is
  brought up to date by replication after you
  restore the data.
• If you do not want to replicate changes made
  since the last backup, perform an authoritative
  restore.
• To perform an authoritative restore
• 1. Perform a nonauthoritative restore.
• 2. Run Ntdsutil.exe to mark objects as
  authoritative.
• 3. Restart the computer.