What is a system state backup for?

windows rdiff-backup system-state
3,118

Solution 1

The system state contains a number of items:

  • System Registry
  • COM + Database
  • Certificate Services
  • Active Directory
  • SysVol
  • IIS Metabase

Some of these items are only included if the specified service is installed (AD, IIS, Certificates). (Details are online. TechNet: Server 2003/2003R2. MSDN: Server 2003/2003R2.TechNet forums: Server 2008. MSDN: Server 2008 and upwards)

If you need to restore a server, you will need this state to recover the registry, or your AD Domain, or IIS sites.

You can restore system state to the same server, or another server with identical hardware. Microsoft does not support restoring system state to different hardware (see this article), however it is possible in some occasions, and with some parts of the system state, for example the IIS metabase. In that guess its really a case of try it an see, but its not a recommended solution..

Solution 2

Regardless of what Microsoft says - it's possible to restore the system to basically any compatible hardware.

Here how this works (Windows 2000 & 2003 validated):

  1. Create a machine with identical CPU type (e.g x32 or x64 as the original server)
  2. Apply all the latest SP to it.

  3. Copy to C:\exclude folder (just as example) the following files:

    %systemdrive%\boot.ini
%systemdrive%\ntdetect.com
%systemdrive%\ntldr
%systemroot%\system32\hal.dll
%systemroot%\system32\kernel32.dll
%systemroot%\system32\ntoskrnl.exe
%systemroot%\system32\ntkrnlpa.exe
%systemroot%\system32\ntdll.dll
%systemroot%\system32\win32k.sys
%systemroot%\system32\winsrv.dll
%systemroot%\system32\drivers\etc\hosts

  4. Perform full system restore. Do not reboot.

  5. Perform System State restore. Do not reboot.
  6. Copy the excluded files back to the original location. Reboot.
  7. System will boot and will request to install drivers for the hardware.
  8. After several reboots, the server will be exactly as a previous one, just on the different hardware.

It works for AD DCs as well.

Solution 3

The System State Backup should be part of your Windows Server backup plan and preparation for a disaster recovery.

The System State contains the operating configuration files. Before you install a driver, patch or program on your server, consider, what will be your fall back position if the operating system crashes. You should create a System State backup which you could use to rollback in case of a problem.

The System State contains boot files (Boot.ini, NDTLDR, NTDetect.com), the Windows Registry including COM settings, the SYSVOL (Group Policies and Logon Scripts), the Active Directory and NTDS.DIT on Domain Controllers and, if the service is installed, the Certificate Store. If your server runs IIS, the IIS Metadirectory will be includedand Cluster Service information if the server is part of a cluster.

You don’t have to know which of these components to choose. The Backup/Restore application will do this automatically when you start a System State backup. Likewise you cannot choose which components to restore: all System State data will be restored, because of possible dependencies among the components. It is possible to restore the System State to an alternative location. Not all data is restored when you restore to an alternative location. Only the components System boot files, registry files, SYSVOL directory files and Cluster database information files will be restored.

Note: When you backup System State, you can either include or exclude system-protected boot files. System-protected boot files are not used for installations from restored backup media. When the backup file that you create is to be used for additional domain controller installations, you can uncheck the advanced option to back up system-protected files. Clearing this option decreases the size of the .bkf file, as well as the time required to backup, restore, and copy the System State files.

Solution 4

Windows in-built backup utility is basically useful.

For regular office backup, I do the following

  1. A full backup for system state (maybe a system partition backup is necessary)
  2. File backup for those important data, and then do incremental file backup with daily rate (it means an automatic backup with pre-set schedules)

For regular home PC backup:

  1. Full backup for system state
  2. Back up important data, maybe docs, photos, and other things. No matter which utility you use, please check the image integrity after you finish the backup work.

And I thought the way you referred, recovering system windows on another machine, is universal restore. It seems that windows in-built backup does not support universal restore. Two ways you can restore system to another machine:

  1. Directly clone your system based HDD to another hard drive disk, and you will get a new HDD with system installed and programs saved. For sure, the SAM configuration. Useful but value-added backup programs ToDo backup XXclone.

  2. Back up system firstly, and then use universal restore to restore it to another. I've checked some popular programs, little of them can do universal restore. For a program with built-in universal restore, I only found ToDo Backup can do this, and works well. That means, if you pay for a backup program, there is no need for you to pay more to get universal restore.

Share:
3,118

Related videos on Youtube

theburningmonk
Author by

theburningmonk

Updated on September 17, 2022

Comments

  • theburningmonk
    theburningmonk almost 2 years

    Currently we have a batch driven process at work which runs every 15 mins and everytime it runs it repeats this cycle several times:

    1. Calls a sproc and get some data back from the DB
    2. Process the data
    3. Saves the result back to the DB

    It can't load all the data in one go because the data are segregated by a number of fields and each group of data requires different behaviour during processing (configurable from a front end). However, recent changes in the business has resulted in a sudden surge in the volume of data (and therefore the processing time required) for some of the groups, so now whenever one of the groups overruns it delays all the other groups.

    Our plan is to parallelise this process across multiple machines so that:

    • there is a central controller (master) and several workstations (slaves)
    • master is responsible for scheduling the runs (configurable from a front end)
    • master (or a separate component) is responsible for loading/saving data to and from the DB (in order to avoid deadlocks/contention between the multiple slaves)
    • slaves receive work items, process them and return the results to master
    • there is a primary slave (main production server in our environment) which will usually receive all the work items
    • secondary slaves will receive work only if the primary slave is working on a group which requires longer processing time (master can identify this based on the size of the data returned or it can be left to configuration)
    • if slave throws exception during processing, alert email is sent to support team, and the same work item is picked up during the next schedule cycle
    • not sure what to do with timeouts yet

    I have done some research on the Master-Slave pattern for distributed environment but so far haven't found many reference material, does anyone here know of a good implementation of such pattern? Any pointers on potential pitfalls of such an architecture would be much appreciated too!

    Thanks,

  • Shoshan
    Shoshan about 15 years
    And can ber recoverend on another machine, different hardware?
  • Sam Cogan
    Sam Cogan about 15 years
    See updates to answer
  • theburningmonk
    theburningmonk over 14 years
    yup, that was one of the solutions we considered, but there will be serious limitations on how far we can go with this approach as the main production box is also used by other business critical, processing intensive apps in our world. the problem here is that our process maxes out one of the CPUs for pretty much the duration of the processing because of the number crunching it has to do and if we go multi-threading on the same box there's a good chance that we will start affecting the performance of other more critical systems
  • theburningmonk
    theburningmonk over 14 years
    oh, and yes, the writes to the DB will be serialised, but that's not a problem for us as most of the time are being spent processing the data so the serialised DB access shouldn't prove a bottleneck
  • Chris Card
    Chris Card over 14 years
    you could have a queue of work in the database and a pool of machines picking up the work.
  • Schneider
    Schneider over 13 years
    How does this relate to installed applications? If you do a system image and DONT include "system state" does that means apps are no longer "installed" when you restore the image? (assuming their installation state is stored in registry)
  • Sam Cogan
    Sam Cogan over 13 years
    @jack if you do a system image, then you should be able to restore the whole system to it's original state including applications, this is separate to doing a standard backup, where the system state would include the registry settings for the application.
  • John Gardeniers
    John Gardeniers over 13 years
    This looks very interesting (and I'm bookmarking it) but how much have you tested this procedure?
  • Vick Vega
    Vick Vega over 13 years
    Oh, extensively, believe me. I have entire DR for a major company relying on this procedure. It has been tested numerous times.
  • Austin ''Danger'' Powers
    Austin ''Danger'' Powers almost 11 years
    This looks absolutely brilliant. I will be testing it out this weekend. For bare metal restores- this looks far superior to using 3rd party tools. EASEUS Todo Backup is outstanding for workstations but, unfortunately, it had trouble finding our HighPoint RocketRAID drivers (so we could not use it to image our SBS 2003 server). I am excited to potentially have a way to clone the server to different hardware in case of serious hardware or operating system failures. Will update with my experiences using Vick's method soon.
  • Vick Vega
    Vick Vega almost 9 years
    Returning to my old post .... Eventually I did the same thing for Windows 2008 / 2008 R2 / 2012 R2, The steps are slightly different because of the recovery partition, but it works. Of cause there was NOT that much testing done, however multiple retries provided the needed result. In the 2008/2012 area, it's even easier as much as I can say.
  • Abraxas
    Abraxas over 8 years
    I'll be checking this out. Do you have the modified steps for 2008/2012?
  • Vick Vega
    Vick Vega over 8 years
    @Abraxas Yes, I do. Will upload.
  • Vick Vega
    Vick Vega over 8 years
    I can't post the document, I would have to re-do it.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to fix system state backup error and NTDS VSS (error: 0x800423f4) state [11]?
How to print and connect to printer using flutter desktop via usb?
Why does Windows magically "couple" some files like this?
Flutter_CLI: Because every version of flutterfire_cli depends on xml >=5.3.0 which requires SDK version >=2.14.0 <3.0.0, flutterfire_cli is forbidden
Can windows viruses affect my encrypted linux partition on the same disk?
How can I reduce the noise my CPU makes, like fast mouse movement does?
Flutter - Why is there a windows folder in my app?
No implementation found for method getAll on channel dev.fluttercommunity.plus/package_info
Flutter Visual Studio - develop for Windows
How to unblock the program from the group policy in Android Studio for a Flutter application?