Backup WIndows server

Installation and requirement:

First , install windows server backup.

Command line: install-windowsFeature Windows-server-backup

To have the permission to do the backup and restore, the user must be a member of Local administrators group, Backup Operators group, and Server operators group. Administrators have full rights to the server.

Backup operators and Server operators have following rights:

–Back up files and directories

–Restore files and directories

–Shut down the system

Command to backup :

wbadmin

User powershell: get-command *-WB*

Configure backups  options:

• Full backup – backs up all volumes
• Custom backup – select which data you want to back up from the following options:
  • Bare metal recovery – critical volumes needed to recover a server’s OS. It includes the system state, the system reserved volume, and the volume of the windows.
  • System state – backs up boot files, Windows system files, and the Registry.
  • System Reserved – backs up files on system partition, include the boot loader files, the boot manager, system volume information,and Windows Recovery Environment (RE)
  • Individual volumes – backs up only volumes selected

Note: You can not do a bare metal recovery from backup stored on a dynamic disk. Tape is not supported in windows backup.

Specify the destination – dedicated hard disk, volume, or shared folder. The free space of the destination should be at least 1.5 times the size of the files to be backuped.

• Internal Hard drive: must be NTFS, dedicated disk is recommended but not mandatory.
• External Hard drive: Usually used for off-site backup and disaster recover.

Other things you need to know:

• Windows server backup does not backup symbolic links

Scheduled backup

You can only have one scheduled backup. To perform a scheduled backup, click Backup Schedule in the Actions pane of the Windows Server Backup console.

Choose from once a day or multiple times throughout the day, By default, it runs at 9:00pm once per day.

You must specify the destination for the backup –External drives are preferable.

Confirm the scheduled backup and the backup will begin at the scheduled time each day.

To customize the schedule

Windows is basically create a scheduled task and set it as daily. You can not create a weekly, monthly, or even only week days backup in WSB console, however, you can create these kind of backup by modifying the schedule in Task scheduler or command line:

Task scheduler: Task Scheduler > Task Schedule Library > Microsoft > Windows > Backup

The task is Microsoft-Windows-WindowsBackup and changing the Triggers from daily to weekly, monthly, or other schedule according to your need.

Command:

such as : to create a weekly backup at 19:00 Saturday night.

SCHTASKS /Create /SC WEEKLY /D SAT /TN WeeklySystemStateBackup /RL HIGHEST /ST 19:00  /TR “WBADMIN START SYSTEMSTATEBACKUP -backupTarget:I: -quiet  >> C:backupLogs.txt “

Customizing Windows Server Backup Schedule

One-time Backup

Backup begins immediately.

You should always have at least one regularly scheduled backup. Then use a one-time backup for particular situations such as before a software or hardware upgrade.

Backup performance

Backup performance can be optimized for backups of entire volumes. –Windows uses the Volume Shadow Copy Service (VSS) to perform full volume backups. VSS copies the volume block by block, Makes a mirror image of the volume.

• Normal backup performance: The full contents of the source volume are transferred, if a backup already exists on the destination, only the space required by the changed blocks is used.
• Faster backup performance( differential backup) : In this option only the changed blocks are transferred. The write performance on the source volume is decreased. In this option, windows Server backup still performs a full backup after 14 incremental backups have occurred or if more than 14 days have passed since the last full backup.
• Custom, you can choose full or differential backup for each volume.

Configure Volume shadow copy service

Use the vssadmin command-line program to configure the Volume Shadow Coy Service.  You can create and delete shadow copies and list existing shadow copies.

You can also revert a volume to an existing shadow, Overwrites the volume on a previously created shadow copy.

The revert option requires that no files be open on the volume to be reverted.

Backup server roles

Most server role data is stored in locations that are backed up if you perform a backup containing the system state.  Some roles, features, applications, and services register themselves with Windows Server Backup.

–So you can recover application-specific data without having to do a more extensive recovery

–Applications that have registered are listed in the Select Application window during a recovery

Recovery

Server recovery can mean:

• Recovery of a single file or folder
• A full server restore

Recovery file folders, volumes

If you restore single files often because of accidental deletion or to recover a previous version of a file:

• Enable the Shadow Copies feature on volumes storing documents
• Enables users to restore files themselves

You may need to restore an entire volume because of file system corruption or a failed drive:

First use wbadmin get versions to see the available versions, then you can use the wbadmin start recovery command:

eg. Recovery the D:\Docs\myfile.txt from backup with the version 10/09/2016-21:00:

  wbadmin start recovery -version:10/09/2016-21:00 -itemType:File -item:D:\Docs\myfile.txt

Or powershell: Start-WBFileRecovery

start-WBFileRecovery -backupset $Backup  -FilePathToRecover D:\Docs\myfile.txt

Recovery System state

Procedure for system state recovery varies depending on which server roles are installed

Authoritative restore – after AD is restored, the DC replicates to all other DCs in the domain, and any changes made to AD objects since backup are lost.

Nonauthoritative restore – changes made to AD objects on other DCs since the backup are kept and replicated to the server being restored.

System state recovery requires the following backup types are available: system state, bare metal recovery, or full server.

Perform a Bare Metal Recovery

Bare metal recovery (BMR) – perform this task when server has suffered catastrophic failure.

You need to be able to boot to the Windows installation medium.If restoring a VM, use an ISO file of the installation medium.

Note, the network environment may not initiate as the PE starts, use below command to configure the IP address, DNS server:

#initializes Windows® PE
wpeinit
#to find the adaptor name
ipconfig /all 

netsh interface ip set address name="Local Area Connection" static 192.168.1.19 net_mask gateway_IP
#Start the DNS client service
net start dnscache
netsh interface ip set dnsservers name="Local Area Connection" static 172.16.3.15 primary

Delete backup to free up space

You will still have a backup failure for the backup disk is full after a running scheduled backups a couple of times. The truth is, WBS will stop automatically deleting old backups when WSB can no longer track the space allocated for snapshot. As you know, backups created by WSB cannot be deleted in File Explorer. To free up more space for new backups, you can use WBadmin command to delete old backups from the command prompt.

Before the modification, we need to know the versions of the backup:

wbadmin get versions:  lists details of backups recoverable from the local computer or, if another location is specified, from another computer.

Backup time: 9/11/2016 2:48 PM
Backup target: Fixed Disk labeled I:
Version identifier: 11/09/2016-03:48
Can recover: Volume(s), File(s), Application(s), Bare Metal Recovery, System State
Snapshot ID: {eaae26da-2b4b-4986-a764-387208dabc1d}

Backup time: 12/11/2016 10:00 PM
Backup location: Network Share labeled \\diskstation\pcbackup\data
Version identifier: 11/12/2016-11:00
Can recover: Volume(s), File(s), Application(s)

wbadmin delete systemstatebackup
{-keepVersions:<NumberofCopies> | -version:<VersionIdentifier> | -deleteOldest}
[-backupTarget:<VolumeName>]
[-machine:<BackupMachineName>]
[-quiet]

wbadmin delete systemstatebackup -version:03/31/2013-10:00

wbadmin delete systemstatebackup -keepVersions:3

Windows Recovery Environment

Windows Recovery Environment (Windows RE) – a special boot option used to solve common Windows startup problems. Comes standard in Windows Server 2012/R2, Windows 8/8.1, and later OSs.

Start RE in following ways:

• If Windows Server 2012/R2 fails to start twice in a row, Windows RE starts automatically.
• Also, if there are two unexpected shutdowns within two minutes of a successful boot or if there’s a Windows Secure Boot failure.
• Type shutdown /r /o

Windows RE includes the following tools:

–Push-button reset

–System Image Recovery

–Command prompt – advanced troubleshooting tools:

• bcdedit
• bcdboot: Configures or repaires system partition. Can also used to boot to a virtual hard disk.
• bootrec
• diskpart
• bootsect
• sfc( system file checker) : Verify the versions of the protected system files. If a protected file has been overwritten, this tool retrieves the original version from \windows\system32\dllcache.
  use sfc /scannow

–Startup Settings: F8 to display.

Options in the Advanced boot option menu:

–Safe Mode

–Safe Mode with Networking

–Safe Mode with Command Prompt

–Enable Boot Logging

–Enable low-resolution video: for video troubleshooting.

–Last Known Good Configuration

–Directory Services Repair Mode

–Debugging Mode

–Disable automatic restart on system failure

–Disable Driver Signature Enforcement

–Disable Early Launch Anti-Malware Driver

–Start Windows Normally

Boot configuration data (BCD) store

BCD contains settings that determine how a Windows system boots, Usually on the reserved partition.

 Before Windows 2008 and Vista, was stored as a plain text in the boot.ini file

Contains entries describing each installed OS that can be started by the Windows boot loader, Each entry is identified with a GUID that must be referenced if you want to change an entry.Main tool for working with BCD is bcdedit.exe

Options:

– /enum: List the boot entries. Add /v to show the verbose mode.

There are two sections:

Windows boot manager: the program loaded by Computer’s BIOS that reads the BCD to see which OS are installed and available to boot.

The Windows Boot loader: describe the installed OS and where it is located.

– /copy

– /create

– /delete

– /export

– /import

– /set

– /default

– /timeout

Exampleof bcdboot

–bcdboot E:\Windows – initializes the system partition with BCD files from the E:\Windows folder and creates a boot entry in the BCD store for the OS

–bcdboot C:\Windows /s V: – copies BCD files from the C:\Windows folder to the system partition on the V drive

–bcdboot C:\Windows /l ja-jp – sets the locale in the BCD store to Japanese

Online backup

Notice:

–You need at least Windows Server 2012

–Can’t do system state, bare metal, or OS volume recoveries

–Can’t back up BitLocker-encrypted volumes

–Volume you want to back up must be online and formatted with NTFS and must be a fixed disk

–Must download and install the Microsoft Azure Backup agent on each server you want to back up

–Windows Server Backup should be installed

–You must set up a Microsoft Azure Backup account

–Microsoft Azure Backup is a fee-based subscription service

–You need a reliable Internet connection

Note that To use MS Azure backup, you must schedule a backup first.