Globalize Networks blog

ASR Backups are a cool way to get system state backups of  Windows 2003 server.  They are cooler than regular NTBackup system state backups, because you can do a “bare metal” restore by booting a system with no OS to the installation CD and providing the ASR disk and path to backup files (USB drive, locally installed disk, etc.)

People that have used ASR backups sporadically might be surprised to learn that yes, it is possible to automate ASR Backups.  It’s not really documented, but NTBackup.exe accepts a parameter called “asrbackup”.  Now you might be saying – well I don’t really want to leave a floppy disk in the drive all the time, and I don’t want to be swapping floppy disks every  backup or maybe I have machines without floppy drives.  Well, I hear you!  But have you ever heard of Virtual Floppy for Windows?  It basically lets you create a virtual floppy drive and script the insertion and removal of virtual floppies which are like tiny little .iso files.

Here how I did it:

1. Download and unzip Virtual Floppy for Windows
2. Write yourself a batch file that looks something like this:

REM Get the date for the file using the wonderful :~ trick — thanks to Terry Uptmor for that trick
set MYDATE=
set MYYEAR=
set MYMONTH=
set MYDAY=
set FILENAME=
set MYDATE=%DATE%
set MYYEAR=%MYDATE:~10,4%
set MYMONTH=%MYDATE:~4,2%
set MYDAY=%MYDATE:~7,2%

REM create a variable for your filename – might as well include the computer name

set FILENAME=ASR_%COMPUTERNAME%_%MYYEAR%%MYMONTH%%MYDAY%
REM might as well do some BASIC logging
Echo starting ASR Backup at %TIME% %DATE% >> backup.log
REM refer to the vfdhelp.txt for info on these commands
vfd.exe INSTALL
vfd.exe START
vfd.exe LINK A:
vfd.exe OPEN A: c:\scripts\%FILENAME%.vfd /NEW /F
REM The mysteriously undocumented asrbackup command in action (/F just specifies your filename)
ntbackup asrbackup /F “%FILENAME%.bkf”
vfd.exe SAVE
vfd.exe ULINK
vfd.exe STOP
vfd.exe REMOVE

So now you would have a .VFD file and and .BKF.  (You would probably want to also run a data backup around this time, also I’m not sure if ASR will backup non-system files on the system volume so a separate full system volume backup wouldn’t hurt).

If your server crashed, you could just load up the VFD file on your laptop (which is all prepped with VFD.exe and ready to go of course to a virtual B: drive and use windows explorer to do a “copy disk” over to a physical floppy (using your handy USB floppy drive), plug  a large usb drive with the bkf files on it to the new server, boot to the 2003 install disk, select ASR option, yadda yadda yadda

I had a lively exchange with another consultant today that included a discussion of imaging client machines. This other fellow subscribed to what I think is an old school philosophy that there should be a separate volume for the system and the data on client machines. I still subscribe to this view in regard to servers – but in that case we are usually talking about different disk arrays (i.e. a two-drive RAID 1 container and a N-Drive RAID 5 or RAID 10 container)

So his primary argument in favor of a separate system volume (or partition in his case as he is an adherent to FAT32 – which is a whole other can of worms) was that he can keep a “ghost” image on the data partition and if there is ever a problem with the system partition or if the OS won’t boot, he can walk the end-user through booting to DOS and running a script to re-image machine. Now I like the creativity of this solution, but here are my reservations:

1. Using FAT32 is probably causing as many blue screens as it solves. Because it’s not a journaling file system, you are more likely to run into problems whenever Windows is ungracefully shut down.
2. Having users self image a machine risks overwriting data that might have been unknowingly saved to the system partition.
3. It can be a waste of disk space if you allocate too much space for the system partition, but you risk filling it up and bringing the system down if you allocate too little.

I think it’s simplest to just keep one partition.

1. You don’t need to worry about resizing partitions or wasting disk space.
2. Simplifies administration (no need to document or train admins on this aspect of a client build)
3. You can save a base “ghost” image to the fileserver or on a USB drive somewhere. If you do want to risk having the end-user re-image their machine, you can have them first backup their current image to USB.

Of course client data backups are a must:

http://globalizenetworks.com/blog/2008/05/22/client-backups

Some IT shops don’t even bother with client backups. I’ve had one IT Admin tell me that he sets a policy for all users to save their data on the network. If they neglect to do that, it’s not his fault. This CYA approach only makes sense if you are almost deliberately blind to the underlying business goals. How many hours of labor does client data represent? Are we to leave the security of this asset to user discretion? I think not.

So what do we do? Well, for some clients, the best way is to use offline folders:

1. Create a GPO that redirects the my documents and desktop to folders on the server
2. open GPMC.msc (GPMC download from Microsoft)
3. Select the GPO that you want to use | right-click | Edit
4. User Configuration | Windows Settings | Folder Redirection | right-click Desktop | Properties
5. Under Setting select “Basic – Redirect everyone’s folder to the same location”
6. Under “Target Folder…” select “Create a folder for each user…” ( we already had folders for each user, but that didn’t matter.)
7. Under “Root Path” put the path to your users share (i.e. “\\server\users\”
8. Repeat for “My Documents”

Now their “My Documents” and “Desktop” special folders are pointing to a location on the server (which is being backed up to tape or mozy or whatever) and have been automatically made available offline

Some things to note:

1. The first time this GPO is applied to a new user, XP appears to hang with a blank screen right after login. This is normal, though annoying. Windows is just copying the user data up to the server, then making a local cache by copying it back down (I’m guessing.) You can check progress by checking the size of the user’s home directory periodically. Watch your disk space, depending on your settings, you might end up with two copies of the user data: the old data in c:\documents and settings and one cached copy in c:\windows\csc
2. VPN – this is a nightmare. The user will always be offline when they login at home (unless you use this connection for login?) I’ve gotten many calls about users not being able to see all of the files on the server when VPN’d in. Basically they are still working offline and can only see the files that are available offline. Running a manual synchronize usually fixes this and most other offline folders problems (My Computer | tools | synchronize | synchronize)
3. I’ve seen some printers stop working when a user goes offline due to a network glitch- a manual synch fixes this too
4. Offline folders are usually cached locally in c:\windows\CSC, but you can change this location using cachemov.exe from the w2k resource kit. Vista users can have fun with this http://support.microsoft.com/kb/942960
5. Sometimes your server’s autodisconnect feature wreaks havoc on offline folders, you can try this: net config server /autodisconnect:-1 (http://support.microsoft.com/kb/138365)
6. Offline folders over slow VPN connections can be a pain, so you MIGHT try the old “Go Offline on Slow Link” trick. (http://support.microsoft.com/kb/811525# see the Overview section) Of course I ran into a wonderful scenario where not all needed files are available offline when a user was at a poorly connect site. So I was stuck, if we set them to go offline, they could only see their own my document and desktop folders on the server. If we put them online, the performance was terrible trying access their own desktop. I basically had to remove offline folders for these users.
7. You can’t make PST files or MDB files available offline, but it still give errors on these types of files unless you MANUALLY right click each one and UNselect “make available offline” – Why is this? I do not know. It shouldn’t ever try to make them available offline in the first place. Oh well.

So we look at all of these problems and now you can see why I sometimes just say “The heck with it” and run a nice little robocopy.exe script: (available in the w2k3 resource kit http://www.microsoft.com/downloads/details.aspx?FamilyID=9D467A69-57FF-4AE7-96EE-B18C4790CFFD&displaylang=en)

Robocopy is like the copy command but it only moves files that are changed (newer) BY DEFAULT. There is no switch to make it do that. Just put a batch file into the “startup folder” and you are good to go. If a user cancels that weird DOS window – no sweat. It will just pick up where it left off next login. I usually do something like this:

robocopy /e /zb “c:\documents and settings\user\My Documents” “\\server\users\user\My Documents”
robocopy /e /zb “c:\documents and settings\user\Desktop” “\\server\users\user\Desktop”

Robocopy even has a /IPG:n :: Inter-Packet Gap (ms), to free bandwidth on slow lines. (nice)

I like free things that work. Why did I try to use offline folders again? (Of course offline folders works better when you might need conflict resolution like a file is modified in BOTH locations. But a basic backup scenario doesn’t result in this usually.)

Why am I so turned off by online backups?  Well I’m not entirely turned off, I use http://filesanywhere.com to backup my personal workstation. Here are some things that bother me:

1. special files – The performance of online backups relies on being able to perform incremental backups (and compress these?).  But some special files are problematic to incrementally backup: SQL & MS Access databases, Exchange Information Stores, Outlook PST files, Active Directory, etc.  Of course I trust Backup Exec to perform incremental backups of databases and information stores, but many online services don’t even offer that feature.
2. Ok, let’s say that you have to restore EVERYTHING.  How long will that take?  Say you have 150 GB of data and a T1.  (Is it over 13 hours at the theoretical maximum? T1 = 1.5 megabits per second /8 = 187 megaBYTEs per second, 150,000 MB / 187 MBps /60 = ~13 hours.  But when do we ever get full 1.5 mbps transfer rates?  1.2 is probably more realistic so > 16 hours.)  Of course that probably does compare with other off-site solutions like sending tapes to Iron Mountain…

Well, everyone keeps talking about http://mozy.com and they claim to be able to backup all of these special files and they can overnight a DVD in the event of a full restore scenario.  So I guess that I just need to get an account and do some intense testing. (Of course General Electric is already using it for client backups, so who am I to question them? )

• One problem is that for clients with very large data sets, this gets really pricey.  Mozy charges $1.75/GB so 500 GB of data is $875 a month!  We can do it by hand to tape at an hourly rate  and use Iron Mountain for cheaper than that.
• I might look into idrive.com which is much cheaper ($49.95 for 500 GB) but they don’t advertise exchange or sql backups.
• ibackup.com claims to do exchange and SQL for about $1/GB, but do they have the high-profile clients that mozy can boast?