Disaster protection describes efforts to prevent computer disasters (boot problems, hardware problems etc.) and to minimize the downtime in the event of a system failure.
Disaster recovery is the restoration of a computer so that you can logon and access system resources after a computer disaster has occurred.
Windows 2000 server supports UPS and software RAID (Redundant Array of Inexpensive Disks) to create disaster protection.
RAID 1 (mirroring) and RAID 5 (striped volumes with parity) is supported on dynamic disks. It is not provided on Windows 2000 Professional.
In RAID 1 (mirroring), ftdisk.sys, arranges that the data is put on both
disks. Any partition including the Boot- and system, can be stored in RAID 1. It
increases the read performance a bit, but write performance can decrease when
using one disk controller.
To replace a failed RAID 1 disk, you must first remove it from the mirrored
volume via the Computer Management snap in, Storage, Disk management, failed
redundancy. After this you physically removed the disk.
If the primary member of a mirror that contains the boot partition fails, you
need a boot disk to access the machine. You need to change the ARC (Advanced
RISC Computing) path in boot.ini to access the working disk.
You can use disk duplexing to reduce the risk of a failing controller. Disk duplexing uses a separate controller for one or more disks.
When using RAID 5, a parity is written in one of the disks each time. This causes some slower performance when writing to it, but is reads faster than RAID 1. (more disks to read from). If a disks fails the read performance becomes slower as the system needs to 'recalculate' the data. RAID 5 can support up to 32 disks but it cannot contain a boot- or system partition.
You can create RAID 1 and RAID 5 volumes via the create volume wizard in the Computer Management snap-in.
Parts of disaster recovery are Safe mode, the recovery console and the setup cd.
Save mode is the option to try first if a machine does not starts. When pressing F8 during the boot, it offers the following possibilities :
| Safe Mode. Starts Windows 2000 by using only the basic files and drivers. The networking part is not activated The drivers and files used are for mouse, monitor, keyboard, mass storage, base video, and default system services. The programs in the startup group and specified in the registry are not started , user profiles are not loaded and local group policies are not used. |
| Safe Mode with Networking. Same as Safe mode, but the networking files are loaded (thus policies). |
| Safe Mode with Command Prompt. Same as save mode (no networking, in VGA mode) but the eplorer.exe shell is not loaded. To present an interface cmd.exe is load for a command prompt. |
| Enable Boot Logging. Creates a boot log of devices and services that are loading. The log is saved as Ntbtlog.txt in the system root. (A boot log is always created when starting in save mode. If the log already exist, the new data is appended) You can create a boot log the have a base-line when a boot problem does occur. |
| Enable VGA Mode. Starts Windows 2000 as usual but uses the basic VGA video driver. This mode is useful when you have installed a new driver for your video card that prevents Windows 2000 from starting properly. |
| Last Known Good Configuration. Starts Windows 2000 using the settings, as stored in the registry, that Windows saved at the last shutdown. Use Last Known Good Configuration only in cases of incorrect configuration. It does not solve problems caused by corrupted or missing drivers or files. Keep in mind that system setting changes made after the last successful startup are lost. |
| Directory Services Restore Mode. Restores the Active Directory on a domain controller. (Not available on Windows 2000 Professional or on member servers.) |
| Debugging Mode. Starts Windows 2000 while sending debug information through a serial cable to another computer. (Default COM2) |
If you plan to start the computer with a safe mode option and then use the Backup program with Removable Storage, the only safe mode options you can use are Enable VGA Mode, Last Known Good Configuration, and Directory Services Restore Mode.
You can view at the registry, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Safeboot
which drivers and services are load during a safe boot.
If save mode cannot solve the problem, you can start the machine via the
recovery console. This console offers the ability to change files on (NTFS)
volumes, stop and start services, format volumes, fix a boot sector etc. A
recovery console can be installed on a machine via winnt32 /cmdcons. If the
recovery console is not installed on a machine, it can be started via the
bootdisks or a bootable setup cd-rom. Start the installation and select the
repair option, this will offer the recovery console via option C. Than select
the installation you want to monitor (if there is more than one) and type the
administrator password.
In the recovery console you can use various commands to change the system. It is
by default not possible to copy data from the system to a floppy disk, copying
from removable media to the system is allowed.
By default the recovery gives only access to the root folder, the system root directory, the cmdcons-folder and to removable media. Group Policy security settings at 'Recovery console' can change this. ('Allow automatic administrative logon at Recovery Console' and ' Allow floppy copy and access to all drives and all folders')
If the registry is corrupted or missing or no valid installations are found, the Recovery Console starts in the root of the startup volume without requiring a password. You cannot access any folders, but you can carry out commands such as chkdsk, fixboot, and fixmbr for limited disk repairs.
You can use the following commands in the recovery console :
| Attrib. Change file attributes. |
| CD/Chdir. Change directory. |
| Systemroot. Change to the system root directory. |
| Copy. Copy files. By default wild cards are not allowed. (policy setting) |
| Del/Delete. Delete files. By default wild cards are not allowed. (policy setting) |
| Dir. View files in a folder. |
| Expand. Expand a compressed or cab file. By default wild cards are not allowed. (policy setting) |
| Md/Mkdir. Create a folder. By default wild cards are not allowed. (policy setting) |
| Rd/Rmdir. Remove a folder. By default wild cards are not allowed. (policy setting) |
| Ren/Rename. Rename a file or folder. By default wild cards are not allowed. (policy setting) |
| Chkdsk. Check Disk is used to check and repair volumes. |
| Diskpart. Add or delete partitions. |
| Fixboot. Rewrite the boot sector of a hard disk. |
| Fixmbr. Repair the Master Boot Record of the startup disk. |
| Format. Format a volume with FAT, FAT32 or NTFS. (NTFS is default) |
| Map. Shows information about the volumes on the hard disk. |
| Listsvc. Displays the services and drivers that can be disabled or enabled. |
| Disable. Disable a service or driver. |
| Enable .Enable a service or driver. |
| Batch. Run commands via a text file. |
| CLS. Clear screen. |
| Logon. Shows to installation on the system you can logon to. |
| More/Type. Display a text on the screen. |
| Set. Display and set recovery console environments values. |
| Exit. Leave recovery console. Machine will boot. |
| Help. Shows commands available in the recovery console. |
The Winnt32 /cmdcons command does not work on Windows 2000 mirrored disks.
After you have converted a FAT/FAT32 disk to NTFS, you have to reinstall the
recovery console.
If the system cannot be repaired via Safe mode or the recovery console, you
can use the emergency repair disk. This disk is created via the backup-utility
which copies the registry files to \winnt\repair\regback and adds the latest
system information to a floppy. Windows 2000 does not have the rdisk-utility.
You can use the emergency repair disk by booting with the bootdisks or a
bootable setup cd-rom. Start the installation, choose the repair option and
select the 'R' for the emergency repair process. After this you can choose the
use a manual or fast repair.
The fast repair does not require user-intervention, the manual repair offers the
option the select which part of the system you want to repair. It will offer you to inspect the startup environment (boot.ini),
check the system files and inspect the boot sector. It uses the setup.log file
on the repair disk to compare the current system state with the state after the
installation. If there is a difference, the file can be put back to the system
by using the setup cd-rom or the entries in \winnt\repair\regback directory. The
registry entries are only checked when using a fast repair, corrupted hives are
copied from \winnt\repair to \winnt\system32\config. If newer copies of the
registry are available in the \winnt\repair\regback directory you can copy these
files to the \winnt\system32\config directory by using the recovery console.
The emergency repair disk does contain the setup.log, config.nt and autoexec.nt file. Setup log is used to recreate boot.ini and to check the system files. Config.nt and autoexec.nt initialize the MS-DOS environment. Keep in mind that registry files are not stored on the disk but in \winnt\repair\regback, these files are not used, but the files in \winnt\repair are used. These hives contain the registry information as created during the setup.
Service pack and hotfixes must be re-applied after using the emergency repair process.
You can use 'SFC /scannow' to check the integrity of the system files. See Summary Windows file protection.
If non of the above options help, you can re-run the setup program to repair the system. It uses the system information from the \winnt\system32 directory.
Windows XP provides the system restore functionality. This service creates
checkpoints at important system changes (e.g. driver updates) and at specific
intervals (default every 24 hour) when the processor is idle. Users can also
create a checkpoint.
The service requires at least 200 mb free space, as long is this is available
the service is active. By default it uses 12 percent of the free diskspace.
Via the Startup and recovery-button on the Advanced tab of the system properties you can set various options :
| Default operating system. Set which operating system in boot.ini should be load by default. |
| Display list of operating systems for x seconds. Set if the list should be shown at startup and for how long. |
| Write an event to the system log. |
| Send an administrative alert. |
| Automatically reboot. |
| Write debugging information. Choose none, small memory dump (64 kb file, called minidump by default, stored in \winnt\minidump), kernel memory dump (dump of kernel memory, size depends on page file size), complete memory dump. (dumps complete system memory, size is system memory + 1 mb) The name of the file is memory.dmp |
| Directory to store the debugging information. |
To be able to create a dump file, the system requires a page file on the system partition of the size of the RAM plus 1 MB. The kernel memory dump and complete memory dump are created in the system directory. You can analyze the dumps with the dumpchk program on Windows 2000 server.
| Windows 2000 reliability and availability improvements |
| Windows 2000 safe-mode boot and recovery console |
| Windows 2000 server disaster recovery guidelines |
| Data protection and recovery in Windows XP |
| ERD commander 2000 2,0 (Windows 2000 magazine dec 2000) |
Last update : 12 January 2003