Recovery Solution™ 6.2 SP2 Reference Guide
Transcription
Recovery Solution™ 6.2 SP2 Reference Guide
ALTIRIS® Recovery Solution™ 6.2 SP2 Reference Guide Notice Altiris® Recovery Solution™ 6.2 SP2 © 1994-2007 Altiris, Inc. All rights reserved. Information in this document: (i) is provided for informational purposes only with respect to products of Altiris or its subsidiaries (“Products”), (ii) represents Altiris' views as of the date of publication of this document, (iii) is subject to change without notice (for the latest documentation, visit our Web site at www.altiris.com/Support), and (iv) should not be construed as any commitment by Altiris. Except as provided in Altiris' license agreement governing its Products, ALTIRIS ASSUMES NO LIABILITY WHATSOEVER AND DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTIES RELATING TO THE USE OF ANY PRODUCTS, INCLUDING WITHOUT LIMITATION, WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY THIRD-PARTY INTELLECTUAL PROPERTY RIGHTS. Altiris assumes no responsibility for any errors or omissions contained in this document, and Altiris specifically disclaims any and all liabilities and/or obligations for any claims, suits or damages arising in connection with the use of, reliance upon, or dissemination of this document, and/or the information contained herein. Altiris may have patents or pending patent applications, trademarks, copyrights, or other intellectual property rights that relate to the Products referenced herein. The furnishing of this document and other materials and information does not provide any license, express or implied, by estoppel or otherwise, to any foregoing intellectual property rights. No part of this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means without the express written consent of Altiris, Inc. Customers are solely responsible for assessing the suitability of the Products for use in particular applications or environments. Products are not intended for use in medical, life saving, life sustaining, critical control or safety systems, or in nuclear facility applications. *All other names or marks may be claimed as trademarks of their respective companies. Recovery Solution Reference Guide 2 This product includes software developed by the Apache Software Foundation. Such software is subject to the below conditions. The Apache Software License, Version 1.1 Copyright (c) 1999-2004 The Apache Software Foundation. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. The end-user documentation included with the redistribution, if any, must include the following acknowledgment: "This product includes software developed by the Apache Software Foundation (http://www.apache.org/)." Alternately, this acknowledgment may appear in the software itself, if and wherever such third-party acknowledgments normally appear. 4. The names "Xerces" and "Apache Software Foundation" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact [email protected]. 5. Products derived from this software may not be called "Apache", nor may "Apache" appear in their name, without prior written permission of the Apache Software Foundation. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE SOFTWARE FOUNDATION OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OFUSE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ==================================================================== This software consists of voluntary contributions made by many individuals on behalf of the Apache Software Foundation and was originally based on software copyright (c) 1999, International Business Machines, Inc., http://www.ibm.com. For more information on the Apache Software Foundation, please see <http://www.apache.org/>. Recovery Solution Reference Guide 3 Contents Chapter 1: Introducing Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 Recovery Solution Product Overview . . . . . . . . Recovery Solution Enterprise . . . . . . . . . . Local Recovery . . . . . . . . . . . . . . . . . . . . Local Recovery Pro . . . . . . . . . . . . . . . . . Integration with other Altiris Solutions . . . . . . Recovery Solution Documentation . . . . . . . . . Recovery Solution Terminology . . . . . . . . . . . Recovery Solution Architecture. . . . . . . . . . . . Familiarizing Yourself with the Altiris Console . . Altiris Console Overview . . . . . . . . . . . . . Recovery Solution Configuration Tools Recovery Solution Task Policies . . . . . Recovery Solution Reports . . . . . . . . . Resource Manager Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13 14 15 15 15 16 17 19 21 21 22 23 23 24 Part I: Using Recovery Solution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Chapter 2: Installing Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 Recovery Solution Server Component Requirements . . . . . . . . . . . . . . . . . . . . . . Setting up Recovery Solution Prerequisite Components . . . . . . . . . . . . . . . . . Configuring the Load Balancer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring the SQL Database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Install the Altiris Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Solution Client Component Requirements . . . . . . . . . . . . . . . . . . . . . . Requirements for Running the Recovery Agent in Server-based Mode. . . . . . . Requirements for Running the Recovery Agent in Local Mode (Local Recovery) Important Issues with Using the Recovery Agent and BootWorks Partitions . . . Installing Recovery Solution Server Components . . . . . . . . . . . . . . . . . . . . . . . . Installing Recovery Solution Program Files . . . . . . . . . . . . . . . . . . . . . . . . . Creating a Recovery Solution Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Adding Recovery Solution Servers to a Recovery Cluster . . . . . . . . . . . . . . . . After Server Installation Is Complete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installing Recovery Solution Client Components . . . . . . . . . . . . . . . . . . . . . . . . . Upgrading Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Upgrading Recovery Solution Clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Licensing Recovery Solution. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Uninstalling Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Uninstalling a Recovery Solution Server . . . . . . . . . . . . . . . . . . . . . . . . . . . Uninstalling a Recovery Solution Cluster . . . . . . . . . . . . . . . . . . . . . . . . . . . Uninstalling the Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26 27 27 28 29 30 31 33 34 34 34 36 40 41 42 42 42 44 44 44 44 45 Chapter 3: Getting Started with Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46 Creating a Recovery Solution Cluster . . . . . . Adding Recovery Solution Servers to Clusters Installing the Recovery Agent . . . . . . . . . . . Verifying the Recovery Agent Installed . . . . . Configuring a Recovery Solution Cluster . . . . Recovery Solution Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47 47 47 49 49 4 Monitoring the Recovery Solution Job Queue . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49 Running Reports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Running Recovery Solution Utilities. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50 Chapter 4: Recovery Solution Agent Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 Recovery Agent Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Agent Installation Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installing the Recovery Agent in Server-based Mode. . . . . . . . . . . . . . . . . . . . . Recovery Agent Installation Policies (‘Push’ Installation) . . . . . . . . . . . . . . . Interactive Web-Based Agent Setup Wizard (‘Pull’ Installation) . . . . . . . . . . Unattended Recovery Agent Installation . . . . . . . . . . . . . . . . . . . . . . . . . . Registering the Recovery Agent in Server-based Mode . . . . . . . . . . . . . . . . Creating and Registering a New Account . . . . . . . . . . . . . . . . . . . . . . . Reinstalling the Recovery Agent using an Existing Account . . . . . . . . . . Changing the Server or Installation Type. . . . . . . . . . . . . . . . . . . . . . . Installing the Recovery Agent but the Server is not Available. . . . . . . . . Canceling the Registration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Agent Reinstallation and Repair . . . . . . . . . . . . . . . . . . . . . . . . . Installing the Recovery Agent in Local Mode . . . . . . . . . . . . . . . . . . . . . . . . . . Distribute Local Mode Prerequisite Package . . . . . . . . . . . . . . . . . . . . . . . . Install the Recovery Agent Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Create a Partition to Store Your Files In . . . . . . . . . . . . . . . . . . . . . . . . . . Perform the First Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Installing the Recovery Agent in Mixed Mode . . . . . . . . . . . . . . . . . . . . . . . . . . Installing Recovery Agent Using an Image. . . . . . . . . . . . . . . . . . . . . . . . . . . . Upgrading Recovery Agent. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using Recovery Agent Rollout Policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Agent Setup Command-Line Switches . . . . . . . . . . . . . . . . . . . . . . . . Uninstalling the Recovery Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using Windows Add/Remove Programs . . . . . . . . . . . . . . . . . . . . . . . . Using Recovery Agent Policies to Uninstall the Recovery Agent Remotely . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51 51 52 53 53 55 56 57 57 58 59 59 59 60 61 62 63 64 65 66 66 67 69 73 73 74 Chapter 5: Configuring Recovery Solution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 Configuring Recovery Agent Settings . . . . . . . . . . . . . . . . . . . . Creating Configuration Policies . . . . . . . . . . . . . . . . . . . . . . Using Inherited Default Agent Settings . . . . . . . . . . . . . Configuring Default Agent Settings . . . . . . . . . . . . . . . . . . . Configure Snapshot Settings . . . . . . . . . . . . . . . . . . . . Configure Excludes . . . . . . . . . . . . . . . . . . . . . . . . . . . Configure Rollback Data . . . . . . . . . . . . . . . . . . . . . . . Configure Space Management . . . . . . . . . . . . . . . . . . . Configure Throttling and Connection (server-based only) Configure Remote Access (server-based only) . . . . . . . . Configure Performance (local mode only) . . . . . . . . . . . Configure Storage Management (local mode only) . . . . . Configure User’s Rights and Permissions . . . . . . . . . . . . Configure Miscellaneous Settings . . . . . . . . . . . . . . . . . Recovery Solution Cluster Configuration . . . . . . . . . . . . . . . . . . General Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring Server Job Schedules. . . . . . . . . . . . . . . . . . . . Configuring Event Notifications. . . . . . . . . . . . . . . . . . . . . . Configuring Storage Management. . . . . . . . . . . . . . . . . . . . Storage Group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Storage Location . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Solution Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75 . 75 . 76 . 77 . 78 . 81 . 87 . 88 . 90 . 91 . 92 . 92 . 92 . 94 . 96 . 97 . 98 101 101 102 103 5 Managing Recovery Solution Servers . . . . . . . . . . . . . . Managing Cluster Users. . . . . . . . . . . . . . . . . . . . . . . . Configuring Communication Settings . . . . . . . . . . . . . . Recovery Solution Security Role Management . . . . . . . . . . . Security Role Management . . . . . . . . . . . . . . . . . . . . . Configuring Recovery Server to Only Run Server Jobs. . . . . . Scan for applied critical patches and Software Delivery tasks. Manage Lost Recovery Solution Agents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106 108 110 110 111 112 113 113 Chapter 6: Recovery Solution Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 General Recovery Solution Tasks in the Altiris Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Viewing Recovery-related Information about Individual Computers Using the Resource Manager Performing Basic Recovery Tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Running Server Jobs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Performing Recovery Tasks on Individual Computers Using the Resource Manager . . . . . . . Accelerate a Scheduled Snapshot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Create a Full System Recovery Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Disable/Enable a Computer Account . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Manage Full System Recovery Image . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Manage Protected Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Manage the Users of a Protected Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Mark the Client Computer Account to be Deleted . . . . . . . . . . . . . . . . . . . . . . . . . . . Mark Files for Deletion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Perform a Rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Perform a Snapshot Now . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Manage Agent Setup Packages. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114 114 116 116 117 118 118 118 118 118 120 120 120 122 127 127 Chapter 7: Advanced Snapshot and Recovery Procedures . . . . . . . . . . . . . . . . . . . . . . 128 Convert Encrypted Files on FAT Partitions . . . . . . . . . . . . . . . . . . . . . . Restoring a User’s Data to a Different Computer . . . . . . . . . . . . . . . . . Web-Based File Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Reinstall Recovery Agent Using the Same Account . . . . . . . . . . . . . Restoring Data with the Migration Utility . . . . . . . . . . . . . . . . . . . . Full System Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery Overview . . . . . . . . . . . . . . . . . . . . . . . . . . Full System Snapshots Are Necessary for Full System Recovery . What Happens During Full System Recovery . . . . . . . . . . . . . . Constraints of Full System Recovery . . . . . . . . . . . . . . . . . . . . Full System Recovery Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . Items You Need at Recovery Time . . . . . . . . . . . . . . . . . . . . . Full System Recovery Disk Creation . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery Using PXE. . . . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery from USB Media . . . . . . . . . . . . . . . . . . . . . Preparing the USB media for Full System Recovery. . . . . . . . . . Running Full System Recovery . . . . . . . . . . . . . . . . . . . . . . . . . . . Using Full System Recovery Without Formatting Drives Option. . Norton AntiVirus Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Restoring Data From Full System Recovery Media . . . . . . . . . . . . . Erasing the Partition Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using the Snapshot Command-Line . . . . . . . . . . . . . . . . . . . . . . . . . . Scheduling Snapshots with the Command-Line Interface. . . . . . . . . Command-Line Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Exit Codes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Using RSACmd.exe Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Solution Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 129 129 129 130 131 131 132 132 132 133 134 134 139 139 140 143 145 146 146 146 147 148 148 150 152 6 Chapter 8: Using Recovery Solution Reports and Job Queue . . . . . . . . . . . . . . . . . . . . 153 Part II: Using the Recovery Agent. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155 Chapter 9: Getting Started with the Recovery Agent . . . . . . . . . . . . . . . . . . . . . . . . . . 156 Manually Install the Recovery Agent . . . . . . . . . . . . Take the Initial Snapshot . . . . . . . . . . . . . . . . . . . . View Your Recovery Agent Options . . . . . . . . . . . . . Ensure Automatic Snapshots Are Taken Successfully. Take an Unscheduled Full System Snapshot . . . . . . . Take an Unscheduled Partial Snapshot . . . . . . . . . . View and Restore Protected Files . . . . . . . . . . . . . . Save and Restore Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156 157 157 158 158 159 159 161 Chapter 10: Configuring the Recovery Agent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Snapshot and Restore Dialog Box . . . . . . . . . . . . . . . Last Snapshot/Restore Status . . . . . . . . . . . . . . Snapshot Options . . . . . . . . . . . . . . . . . . . . . . . Restore Options . . . . . . . . . . . . . . . . . . . . . . . . Throttling Options (server-based mode only) . . . . Performance Options (local mode only) . . . . . . . . Snapshot Selection Wizard Dialog Box . . . . . . . . Restore Selection Wizard Dialog Box . . . . . . . . . . Snapshot Schedule Dialog Box . . . . . . . . . . . . . . . . . Enable Schedule Snapshots (local mode only) . . . Snapshot type . . . . . . . . . . . . . . . . . . . . . . . . . Start Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . Use System Defaults. . . . . . . . . . . . . . . . . . . . . Administration Dialog Box (server-based mode only) . General Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . User Interface Language Preferences . . . . . . . . . Recovery Solution Logs . . . . . . . . . . . . . . . . . . . Altiris Recovery Partition for local snapshots (local Connection Settings (server-based mode only) . . Use System Defaults. . . . . . . . . . . . . . . . . . . . . Space Management Dialog Box . . . . . . . . . . . . . . . . Default Rules . . . . . . . . . . . . . . . . . . . . . . . . . . Exception Rules . . . . . . . . . . . . . . . . . . . . . . . . Use System Defaults. . . . . . . . . . . . . . . . . . . . . Misc Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery Dialog Box . . . . . . . . . . . . . . . Remote Access Dialog Box (server-based mode only) . Snapshot Type . . . . . . . . . . . . . . . . . . . . . . . . . Snapshot Settings . . . . . . . . . . . . . . . . . . . . . . Use System Defaults. . . . . . . . . . . . . . . . . . . . . Excludes Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . Files and Folders to Exclude Dialog Box . . . . . . . . Select Folder or File Name . . . . . . . . . . . . . . Choose the Type of Item to Exclude . . . . . . . Choose Where to Exclude This Folder or File . Exception from Exclude List . . . . . . . . . . . . . . . . Folder or File Name. . . . . . . . . . . . . . . . . . . Choose the Type of Item to Include . . . . . . . Choose Where to Include This Folder or File. . Recovery Solution Reference Guide ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... mode only) ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... ......... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164 164 164 165 165 166 166 166 167 167 167 167 169 169 170 170 170 170 171 172 172 172 173 173 173 174 175 175 176 177 177 177 178 178 178 179 179 179 179 7 Rollback Data Dialog Box. . . . . . . . . . . . . . . . . . . . Storage Locations Dialog Box (local mode only) . . . . Location for stored data on the Recovery Agent . Adding Additional Storage Locations . . . . . . . . . Managing Additional Storage Locations . . . . . . . Managing the Temporary Retention Folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180 180 180 181 181 182 Chapter 11: Advanced Recovery Agent Tasks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 Excluding Files from Snapshots . . . . . . . . . . . . . . . . . . . Why Exclude Files? . . . . . . . . . . . . . . . . . . . . . . Files and Folders You Should Never Exclude. . . . . Examples of Files and Folders to Exclude . . . . . . . Performing Rollbacks . . . . . . . . . . . . . . . . . . . . . . . . . . Rollback Dialog Box . . . . . . . . . . . . . . . . . . . . . . . . Rollback Error Dialog Box . . . . . . . . . . . . . . . . . . . . Full System Recovery Options . . . . . . . . . . . . . . . . . . . . Local Full System Recovery from DVD-ROM . . . . . . . . Using the F11 Option in Local Mode . . . . . . . . . . . . . Using Web-Based File Recovery . . . . . . . . . . . . . . . . . . . Using Recovery Solution Event Viewer . . . . . . . . . . . . . . Event Log Menu . . . . . . . . . . . . . . . . . . . . . . . . . . . View Menu. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . View Menu Options . . . . . . . . . . . . . . . . . . . . . . . . . Event Viewer Dialog Box . . . . . . . . . . . . . . . . . . . . . Find . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Event Viewer Elements . . . . . . . . . . . . . . . . . . . Event Details Dialog Box . . . . . . . . . . . . . . . . . . . . . Troubleshooting the Event Viewer . . . . . . . . . . . . . . Scheduling Snapshots to Run When Your Computer is Idle . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183 183 183 184 187 187 189 189 190 192 192 193 194 195 196 197 197 197 197 198 198 199 Part III: Recovery Solution Technical Reference . . . . . . . . . . . . . . . . . 200 Chapter 12: Recovery Solution Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Troubleshooting Resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Event Logs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201 Using the Windows 98 Event Viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202 Event Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Finding Specific Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203 Saving Events to Other Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Clearing the Event Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 Automatically Overwriting Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204 File Version Details . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205 Installation Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 Server Installation Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206 After installation, W3SVC warnings appear in System event log . . . . . . . . . . . . . . . . . . . 206 If Recovery Server uninstall encounters an error, uninstall rollback may fail . . . . . . . . . . 207 Altiris Recovery Server service error message after completing a Recovery Solution Server upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207 Recovery Server upgrade hangs with “Upgrade in progress” status forever . . . . . . . . . . . 207 Recovery Solution tasks are non-fuctional after aggregation of legacy servers . . . . . . . . . 208 Altiris Recovery Solution Server cannot be installed because 8.3 file names creation is disabled 208 Troubleshooting User Installations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 Recovery Solution Reference Guide 8 Altiris Local Recovery Agent Registration fails . . . . . . . . . . . . . . . . . . . Error message appears during Recovery Agent Setup . . . . . . . . . . . . . . User account not validated . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Setup does not run properly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Applications will not start after agent install. . . . . . . . . . . . . . . . . . . . . User Account & Logon Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Protected Computers Cannot Connect to Server . . . . . . . . . . . . . . . . . . . . . User Logon Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Protected users cannot be authenticated . . . . . . . . . . . . . . . . . . . . . . . . . . Data Protection & Recovery Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . Snapshot & File Restore Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . Snapshot Schedule for Certain Computers do not Run . . . . . . . . . . . . . User Cannot Log On to Start Snapshot . . . . . . . . . . . . . . . . . . . . . . . . Job Cannot Be Submitted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Protected computer drives missing from snapshots. . . . . . . . . . . . . . . . User Cannot Browse Protected Files . . . . . . . . . . . . . . . . . . . . . . . . . . User Cannot Access a Different Account Via Web-Based File Recovery . . Snapshots Fail Because Server Clocks Are Not Synchronized . . . . . . . . . General Snapshot & Recovery Problems . . . . . . . . . . . . . . . . . . . . . . . Short File Names Restored Incorrectly on FAT32 Partition . . . . . . . . . . . Full System Recovery Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . Disk space error appears during Full System Recovery disk creation . . . . Full System Recovery does not start properly . . . . . . . . . . . . . . . . . . . Error appears during Full System Recovery . . . . . . . . . . . . . . . . . . . . . Full System Recovery fails when creating disk structure . . . . . . . . . . . . Full System Recovery incomplete, but no error appears . . . . . . . . . . . . Problems occur after server upgrade. . . . . . . . . . . . . . . . . . . . . . . . . . Error appears after Full System Recovery . . . . . . . . . . . . . . . . . . . . . . Recovery Agent not working after Full System Recovery . . . . . . . . . . . . Files missing or outdated after Full System Recovery . . . . . . . . . . . . . . Full System Recovery stalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery CD-ROM failure . . . . . . . . . . . . . . . . . . . . . . . . . Full System Recovery and Windows 98 with Symantec Antivirus . . . . . . Cannot Cancel Restore of Folder. . . . . . . . . . . . . . . . . . . . . . . . . . . . . Norton AntiVirus Security Warning . . . . . . . . . . . . . . . . . . . . . . . . . . . Account Disabled After Full System Recovery . . . . . . . . . . . . . . . . . . . . Full System Recovery fails on HP NetServer LC2000 . . . . . . . . . . . . . . . Recovery Fails on Computers with Phoenix nForce 6A61CPAAC-00 BIOS . Rollback Troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Unable to see Desired Snapshot During a System Rollback . . . . . . . . . . Rollback Cannot Be Started From the Console . . . . . . . . . . . . . . . . . . . Job Cannot Be Submitted . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . After Rollback, User Is Prompted to Uninstall . . . . . . . . . . . . . . . . . . . . Rollback Fails . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . After Rollback, a Restored Drive Contains No Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208 208 209 210 211 211 211 212 213 213 213 213 214 214 214 214 214 215 215 215 216 216 216 217 220 220 221 221 222 222 222 222 223 223 223 223 223 224 224 224 225 225 225 225 226 Chapter 13: Recovery Agent Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 Troubleshooting: Install/Uninstall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Unsupported Devices . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Problems Installing the Local Partition . . . . . . . . . . . . Troubleshooting: Cannot Update Recovery Agent . . . . . . . . . . . . . . . . . Troubleshooting: Settings Not Saved During Update . . . . . . . . . . . . . . . Troubleshooting: Unusable Clusters after Uninstall . . . . . . . . . . . . . . . . Troubleshooting: Install fails with unable to configure the settings error . Recovery Solution Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227 227 228 229 229 229 230 9 Troubleshooting: Snapshots. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Snapshot Options Unavailable . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Nothing Happens . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Erratic Behavior . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Snapshots Don't Run . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Scheduled or Automated Snapshot Doesn't Run . . . . . . . . . . . Troubleshooting: Snapshot on Logoff Doesn't Run . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Snapshot Stops Prematurely . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Recovery Solution Stops During a Snapshot or Restore . . . . . . Troubleshooting: Windows Installer Appears During Snapshots . . . . . . . . . . . . . . . . Troubleshooting: Snapshot Is Missing Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Restoring Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: File Restores . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Cannot View Protected Files . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Protected File Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Cannot Find File Versions . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Protected File Versions Are the Same . . . . . . . . . . . . . . . . . . . Troubleshooting: Restored Files Are Incorrect Versions . . . . . . . . . . . . . . . . . . . Troubleshooting: Not Enough Space Available to Restore (FAT32) . . . . . . . . . . . Troubleshooting: Miscellaneous File Version Problems . . . . . . . . . . . . . . . . . . . . Troubleshooting: Web-Based File Recovery Logon Doesn't Appear . . . . . . . . . . . . . . Troubleshooting: Restore Crashes Windows Explorer . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Recovery Solution Freezes During File Search . . . . . . . . . . . . . . . . Troubleshooting: Restore Stops Prematurely . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Unknown Restore Type. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Other Issues Relating to Restoring Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Custom user names for message queues gets renamed into the GUID-like names Troubleshooting: Error Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Error Messages in the Progress Dialog Box . . . . . . . . . . . . . . . . . . Troubleshooting: New Error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Repeated Error . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Error Message Boxes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Job Could Not Be Submitted . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Drive Configuration Message . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: System Low on Registry Quota. . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Can't Open Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Options Are Unavailable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Schedule Settings Cannot Be Displayed . . . . . . . . . . . . . . . . . . . . Troubleshooting: Event Logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Messages.dll Is Missing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Event Log Full . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Error Messages in the Event Logs . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Error Checklist. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Virus Warning During Rollback . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Rollback Has Missing or Damaged Files . . . . . . . . . . . . . . . . . . . . Troubleshooting: Rollback Disables Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Rollback General Protection Fault Error Message . . . . . . . . . . . . . . Troubleshooting: DHCP Problems After Rollback . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: Other Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: DCOM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Troubleshooting: FrontPage 98 Personal Web Server Conflict. . . . . . . . . . . . . . . . . . Troubleshooting: Logon Problems. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Recovery Solution Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230 231 231 231 232 232 233 234 234 235 235 236 236 237 237 238 238 238 238 238 238 239 239 239 240 240 240 240 241 241 242 242 242 243 243 243 244 244 244 244 245 245 246 246 246 247 247 248 248 248 248 249 250 250 10 Troubleshooting: Troubleshooting: Troubleshooting: Troubleshooting: Troubleshooting: Cannot Access Dialog Box Buttons . Connection Firewall . . . . . . . . . . . Fast User Switching . . . . . . . . . . . Unknown Solution . . . . . . . . . . . . Event Viewer. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251 251 252 252 252 Chapter 14: Technical Reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 Product Limits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253 Performance Tips . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 Data Protection Performance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254 Restore Performance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 Changing DCOM Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255 Configuring Microsoft Network Load Balancing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256 Settings Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 User Account and Share Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257 Shared Folders . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 Microsoft SQL Server Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259 Event Log Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 Internet Information Server Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261 ODBC Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265 DCOM Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266 RPC Dynamic Port Allocation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270 Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 Web-Based File Recovery Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272 Configuring Web-Based File Recovery to run on Windows Server 2003 . . . . . . . . . . . . . . 274 Job Schedule Worksheet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274 Local Maintenance Job . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 Technical Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276 Protected Computer IP Address Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 How Recovery Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 277 How the Temporary Operating System Is Created . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 Recovery Disk Space Needed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278 Command Line Utilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 AeXRSEnc Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279 AeXMigrt.com Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282 Command-line parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 285 Input XML files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287 BWINST Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288 RECREATE Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 Stopping and Starting the Recovery Solution Server Service . . . . . . . . . . . . . . . . . . . . . . . . . . . 289 Recovery Solution Infrastructure Backup and Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 Recovery Solution Infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290 Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 Notification Server Database Backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291 Recovery Solution Database Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292 Data Files Backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293 Load Balancer Configuration Backup and Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294 Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294 Notification Server Database Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Data Files Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Recovery Solution Database Restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295 Recovery Solution Reference Guide 11 Appendix A: Hard Disk Support. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297 Index. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300 Recovery Solution Reference Guide 12 Chapter 1 Introducing Recovery Solution The following topics contain general information about Altiris® Recovery Solution™: z Recovery Solution Product Overview (page 13) z Integration with other Altiris Solutions (page 15) z Recovery Solution Documentation (page 16) z Recovery Solution Terminology (page 17) z Recovery Solution Architecture (page 19) z Familiarizing Yourself with the Altiris Console (page 21) Recovery Solution Product Overview Recovery Solution protects operating systems, applications and data stored on desktops and notebooks from unintentional changes, accidental deletions, and catastrophic loss from hardware failure, virus corruption, or theft. By taking daily snapshots automatically, the solution works seamlessly and unobtrusively to protect your systems and data without impacting user productivity. Recovery Solution provides total and system-wide protection for your organization’s computers, including operating system, applications, network settings, drive mappings, peripheral drivers, data, and other configuration settings. Recovery Solution captures email messages, contacts, and calendar entries, even while the e-mail application is in use. Users can work completely unaware that snapshots are being taken. Remote users are prompted at login to allow the snapshot, but once it begins, the process is transparent and users can continue with their work uninterrupted. Recovery Solution provides a three-level approach to minimize bandwidth and CPU utilization with each snapshot: z Redundant File Elimination (RFE): Patented technology filters out files that already exist in the Altiris recovery repository or Altiris partition, storing common files once across your entire organization (Recovery Solution only). z Redundant Block Elimination (RBE): Patented technology that reduces data transmission size by transmitting and storing only the portions of each file that is different from the previous snapshot. z HLZS data compression is the industry standard for lossless data compression. These technologies work together to make the backup process as seamless and efficient as possible, and achieve compression ratios as high as 15:1, minimize network and CPU loads, and provide scalability to thousands of users per repository. Note For a list of new features for Recovery Solution 6.2 SP2, see the Recovery Solution Release Notes. There are three different versions of Recovery Solution: Recovery Solution Reference Guide 13 z Recovery Solution Enterprise (page 14) z Local Recovery (page 15) z Local Recovery Pro (page 15) Recovery Solution Enterprise Recovery Solution Enterprise has a new architecture that provides enhanced fault tolerance and scalability. You can now configure a cluster of Recovery Solution Servers that can work together to back up and restore data. To facilitate this, Recovery Solution leverages server load balancing, data mirroring, and Microsoft SQL Server clusters. Because it is now possible to leverage a single Notification Server and SQL installation, you can manage and get reports from multiple Recovery Solution Clusters, making reporting enterprise-wide. Computers that are connected to the network either continuously or periodically can have their data automatically backed up through the following three options: z Files are backed up to a Recovery Solution Cluster (server-based mode) z Files are backed up to a dedicated partition on the local hard drive (local mode) z Files are backed up to both the Recovery Solution Cluster and the local hard drive (mixed mode) Recovery Solution is integrated with Altiris® Notification Server™ that provides automated web-based reports, agent deployment, event processing, notification policies, and more. Additional product highlights include the following items: z Recovery Solution administrators can allow users to protect their own computers, or they can schedule automatic snapshots to ensure that the computers are always protected by receiving continuous scheduled backup. z Administrators can also control user rights, preventing users from performing certain tasks (such as disabling the schedule). When rights are granted, users can perform many tasks at will, reducing helpdesk involvement. z Recovery Solution provides full system protection. This means that not only are typical data files (such as word processing documents and spreadsheets) protected, but all of the programs installed on the computer and all of the user settings are also protected. Files that are encrypted, open, or locked can also be backed up. This allows the entire computer to be fully restored to an earlier state. z If a user's snapshot is cancelled or interrupted, they do not need to restart it from the beginning. You can restart the snapshot from the failure point or break point. This feature provides users with the ability to recover from a broken connection with the server at the exact same place as when their connection was broken. This is especially useful to remote users. z If a user's operating system becomes so damaged that the user cannot even start the computer, you can create Full System Recovery (FSR) disks that can be used to start the computer and repair the system. z The data protection process is secure. Protected data is stored within special “BLOB” files which can be mirrored, and also be encrypted while in transit. No user can access another user's files. Recovery Solution Reference Guide 14 z The Recovery Solution Console lets you manage the cluster and all its protected computers from any location on the network. If multiple clusters are configured, they can all be administered from a single console. Local Recovery Altiris® Local Recovery™ offers data and user-state protection for your organization's desktop and notebook computers. Local Recovery takes daily snapshots of computers automatically and stores backups locally in a hidden Altiris partition (known as local mode). Local Recovery is exceptionally end-user friendly. End users can initiate a backup or restore by simply right-clicking their mouse or pressing the F11 key in a pre-boot environment. By taking daily snapshots automatically, the solution works seamlessly and unobtrusively to protect your systems and data without impacting user productivity. Note Local Recovery runs only on computers manufactured by Altiris partners (HP/Compaq/ Dell). Local Recovery Pro Altiris® Local Recovery Pro™ provides the same functionality of Local Recovery with the following additional benefits: z Open and locked file support z Aggregate and individual status reporting z Support for all brands of computers z Create Altiris Partition on any drive z Install Recovery Agent on client computers based on Notification Server policies z Agent settings can be managed from Notification Server z Local Full System Recovery from DVD Integration with other Altiris Solutions Recovery Solution integrates with other Altiris solutions to provide broader functionality. Recovery Solution integrates with Altiris® Patch Management Solution™ to allow administrators to automatically take snapshots of PCs and servers prior to applying patches. This integration ensures that should something go wrong, the administrator can immediately roll a PC or server back to a known good and working state. Similarly, Recovery Solution works with Altiris® Software Delivery™ to provide restoration capabilities for PCs and servers receiving new applications. Integration with Patch Management and Software Delivery solutions lets administrators mark certain patches and Software Delivery tasks as critical. This makes all snapshots taken before applying the task or patch unavailable for rollback, and thus prevents the users at protected computers and helpdesk technicians at the console from restoring Recovery Solution Reference Guide 15 computers to an improper state. However, administrators still have the right to roll back computers to any snapshot taken before or after the task or patch was applied. Altiris® PC Transplant Solution™ integration allows administrators involved in operating system upgrades or hardware refreshes to perform migrations to the new or re-imaged hardware directly from the Recovery Server. This provides the quickest most direct form of migration to date. Recovery Solution integrates with Altiris® Helpdesk Solution™ by providing embedded Smart Tasks in the Helpdesk console. These embedded tasks allow helpdesk workers to initiate remedial Recovery Solution tasks, such as starting a snapshot or restoring a file for the end-user. Companies using Recovery Solution can now download a free monitor pack (Altiris Monitor Pack for Altiris Infrastructure) for use in Altiris® Monitor Solution™. This free plug-in allows administrators to gather and observe real-time information concerning their Recovery Solution servers. Recovery Solution also provides a custom view plugin for Altiris® Real-Time System Manager Solution™. Therefore, it is possible to see Recovery Solution Agent status on a remote machine. Recovery Solution integrates with Deployment Solution 6.5 to allow administrators to perform Full System Recovery using PXE (Pre-Boot Execution Environment) over network. For more information, see Full System Recovery Using PXE on page 139. Please see the integrated product’s documentation for more information. Recovery Solution Documentation The following documentation is provided with Recovery Solution: z Release Notes The release notes contain a list of the new features and known issues in this version of the product. It also contains any last-minute information that are not included in the main documentation. z Recovery Solution Reference Guide The reference guide provides instructions the administrator. This guide is available in both Adobe .PDF and Microsoft HTML Help formats. z Recovery Solution User’s Guide The user’s guide provides information about using the Recovery Agent. This guide is available in both Adobe .PDF and Microsoft HTML Help formats and provides users with instructions for protecting their computers. z Altiris Console and Recovery Agent Context Sensitive Help Click the help button to open the help. Altiris product documentation is available in Microsoft HTML Help (.CHM) and Adobe Acrobat (.PDF) formats. Documentation files are installed in the following directory: C:\Program Files\Altiris\Notification Server\NSCap\Help Recovery Solution Reference Guide 16 You can access documentation from the Altiris Console by clicking the following icons in the upper-right corner of the Altiris Console: Access the contextual online help by clicking the online help icon. Access an index of all help by clicking the index icon. The complete and most current versions of documentation are available from the Altiris Knowledge Base, which is available from the Altiris support Web page at www.altiris.com/support. Recovery Solution Terminology Altiris Partition A hidden partition on a local computer that Recovery Solution uses to store snapshots. This partition is created using the Recovery Agent Partition Wizard. baseline snapshot The first Recovery Solution snapshot of a protected computer. cluster A logical group of computers that consist of Recovery Solution servers. DCOM Microsoft Distributed Component Object Model consists of a set of system files that Recovery Solution uses when communicating with the server. DCOM provides both flexibility and added security for many applications that run on a network. Full System Recovery (FSR) A recovery of the whole system from scratch to any of the performed full system snapshots. Local Recovery database The database where Local Recovery Agent stores information about protected data included in snapshots. Local Recovery golden image The initial image of the client computer’s data performed by Altiris RapiDeploy® as part of the Local Recovery snapshot. This image is created right after the Altiris Recovery partition creation in Linux. The golden image is used for performing Full System Recovery on Local Recovery Agent computers. local database maintenance job A job that verifies the integrity of stored protected data and removes old data (by default, a job removes all file versions and data deleted from the client computer more than six days previously). Recovery Solution Reference Guide 17 partial snapshot A snapshot of only the drives you select. You can choose to include or exclude any local hard drive on your computer, whether or not it has system information on it. Note Files and folders that are specified in the Excludes for protected computer are not included in the snapshot. protected computer A user’s computer (workstation, notebook, and so on) whose data is protected by installing the Recovery Agent. Recovery Agent The software that manages backing up and restoring files on the computer. rollback Restoring files as well as computer’s registry from a snapshot that restores computers to a previous state. Rollback is used to repair your operating system and applications when your computer is not functioning properly. restore session The actual transference of data from a snapshot to a computer. server The computer that stores the snapshots of the protected computers running in serverbased mode. server authentication In server-based mode, Windows domain security is used. Your normal Windows logon account is used to give you access to Recovery Solution. If multiple users log onto your computer, each person’s account must have access rights to the server. Your administrator configures the access rights. space management job A server task that deletes files from snapshots. snapshot session The actual transferring of data to a snapshot. If data from multiple drives are included in a snapshot at the same time, Recovery Solution considers each drive a separate snapshot session, even though it performs all the snapshots right away. snapshots Snapshots contain one or more backed up files. storage location The location used by Recovery Solution or Local Recovery to store protected data. Recovery Solution Reference Guide 18 full system snapshot A snapshot of a protected computer that contains enough information to restore the computer in the event of a disaster. A Full System Recovery can only be performed from a Full System Snapshot. In addition to whatever files you select, a Full System Snapshot always contains the information about the protected computer’s disk partitions and drives and the Windows registry. You can also include any additional data from local drives. A Full System Snapshot does not have to contain all of the protected computer’s files and folders. VPN In a Virtual Private Network, the communications are encrypted between a remote computer (the VPN client) and the remote access VPN gateway (the VPN server) to which it connects. With a VPN, a protected computer can send data across a shared or public network in a manner that emulates a point-to-point private link. Recovery Solution Architecture Recovery Solution is a highly flexible and scalable system. It is designed to meet the backup and recovery needs of small, medium, and large organizations with diverse topologies and varying backup and recovery requirements. Because of this flexibility, it is important to plan the design and the deployment before installing or upgrading to Recovery Solution. This section provides information on system architecture and possible deployment of Recovery Solution. Recovery Solution consists of five main elements: Notification Server, Recovery Solution Cluster, Recovery Solution Server, Microsoft SQL Server, and data storage. Each element of the system is scalable not only to meet the exact backup and recovery needs but also the level of fault tolerance required by the origination. Logical Configuration of the Recovery Solution System In the figure below is a logical configuration of a full fault tolerance Recovery Solution system. This includes multiple Recovery Servers in a load balanced cluster, mirrored Blob data storage, and Microsoft SQL Server Cluster. Notes Microsoft SQL Server Cluster design and setup of a database fault tolerance is covered the Microsoft documentation. We recommended that the network that connects the Recovery Solutions Servers, Notification Server, MS SQL Server, and Data Locations be at least 100 Mbit or a switched network. Recovery Solution Reference Guide 19 Notification Server MS SQL Server Cluster Recovery Solution Cluster DB MS IIS Web Server MS IIS Web Server DB DB Recovery Administration DB Data Space & Mirror Blob Blob Load Balancer Protected servers, desktops, notebooks Figure 1 Altiris Notification Server In the versions of Recovery Solution earlier than 6.1, most administration tasks were performed in the Recovery Solution Administrator’s Console using the Microsoft Management Console (MMC). The MMC is no longer used. All recovery management tasks are now performed in the Web-based Altiris Console. The Notification Server is used to setup and modify cluster, servers, data base, data storage, and protected systems settings. Notification Server also communicates with the Recovery Solution Microsoft SQL Server data base to produce reports that are enterprise-wide. Note Both HTTP and DCOM are used for communication between Recovery Solution Server and Notification Server. Recovery Solution Cluster Recovery Solution Cluster is made up of at least one Recovery Solution Server. There can be multiple clusters with just one Recovery Solution Server in each cluster (this mimics the previous versions of Recovery Solution configuration). If load balancing is turned on and one of the supported load balancing solutions is used, then multiple Recovery Solution Servers can be assigned to a cluster. All settings for servers, Blob data storage locations, and Microsoft SQL Server configurations are administrated at the cluster level. Recovery Solution Reference Guide 20 Recovery Solution Server The Recovery Solution Server is a Microsoft Windows server running Internet Information Services (IIS). The protected computer or users connect to this server to backup and restore their files or systems. Authentication is handled by Active Directory domain accounts or Microsoft NT domain accounts (local computer accounts are not supported). A Recovery Solution Server must be assigned to a Recovery Solution Cluster. For information on how to configure a dedicated Recovery Solution Server for handling only server jobs, see General Settings on page 97. Microsoft SQL Server The Microsoft SQL Server stores information about Recovery Solution system data, protected computer data, and statistical information, including reporting data. Blob data storage User data is stored in encrypted blob data. The system can configure multiple physical hard drives to store this data. Additional space can be added to the storage if needed. The Blob data can now be mirrored, which occurs at the time of snapshots, to give an extra level of fault tolerance. Load Balancer If Load Balancing is turned on for a given Recovery Solution Cluster, multiple Recovery Solution Servers can be set up. The protected computer at the time of backup or recovery communicates with the load balancer, which then assigns the session to a recovery server. All load balancing is done through either HTTP or HTTPS and requires that the load balancer keeps users attached to only one server for the whole session until the session is ended by the recovery server. Microsoft Network Load Balancer (NLB) (a software based load balancer for IIS servers) and F5 BIG-IP Blade Controller have been tested and are supported. Protected Computers Protected computers are end users’ computers, laptops, and enterprise data servers that are protected by Recovery Solution. Depending on system configuration, one of the following protocols are used for communication between protected system and the Recovery Server for backing up and restoring data: DCOM, HTTP, and HTTPS. Note If load balancing is used, only HTTP and HTTPS are supported. Familiarizing Yourself with the Altiris Console In the versions of Recovery Solution earlier than 6.1, most administration tasks were performed in the Recovery Solution Administrator’s Console using the Microsoft Management Console (MMC). All recovery management tasks are now performed in the Altiris Console. See also: Altiris Console Overview (page 21). Altiris Console Overview To open the Altiris Console, click Start > Programs > Altiris > Altiris Console. Recovery Solution Reference Guide 21 The Altiris Console provides the following tools that help you manage Recovery Solution: z Recovery Solution Configuration Tools (page 22) z Recovery Solution Task Policies (page 23) z Recovery Solution Reports (page 23) z Resource Manager Tools (page 24) Note The computer running the Altiris Console must be able to connect to the Recovery Servers on your network to perform the Recovery Solution tasks for those servers. Specifically, make sure that TCP ports 80 and 135 are open on the Recovery Servers for communication with the Altiris Console and that you can ping the servers using their DNS names and IP addresses. For proper operation of the Altiris Console on computers running Windows XP SP2, you must disable pop-up blocking. In Internet Explorer window, click Tools > Pop-up Blocker > Turn Off Pop-up Blocker. Recovery Solution Configuration Tools Most recovery configuration tasks are performed in the Configuration tab of the Altiris Console. To access Recovery Solution configuration tools 1. Open the Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution. The following Recovery Solution configuration tools are available: z z z Recovery Agent Rollout Tools Recovery Agent Rollout tasks policies Recovery Agent Rollout software package Recovery Agent specific collections Recovery Agent Settings Configuration Tools Default Recovery Agent Settings configuration page Default Local Recovery Agent Settings configuration page Recovery Solution Cluster Tools Recovery Solution Cluster creation tools Recovery Solution Cluster nodes and configuration page Recovery Solution Server installation policies Upgrade and uninstall task policies Recovery Solution specific collections Recovery Solution Reference Guide 22 Recovery Solution Task Policies On the Tasks tab, predefined policies are available to perform the following tasks: Tasks Link to information Convert encrypted files on FAT partitions Convert Encrypted Files on FAT Partitions (page 128) Erase the protected computer’s partition table Full System Recovery incomplete, but no error appears (page 220) Manage Agent Setup package Manage Agent Setup Packages (page 127) Restore data from Full System Recovery CD/DVD-ROMs Restoring Data From Full System Recovery Media (page 146) Restore data using the Migrate utility Restoring Data with the Migration Utility (page 130) Agent Settings Encryption/ Decryption Utility AeXRSEnc Utility (page 279) Altiris Partition Removing Utility BWINST Utility (page 288) To access the Recovery Solution task policies, open the Altiris Console, click the Tasks tab, and then select Incident Resolution > Recovery Solution. For information on performing these tasks, click the policy and read the description and instructions in the right content pane. You can also click the links listed above. Recovery Solution Reports Recovery Solution provides several predefined reports that give information about your client computers and Recovery Servers. For these reports, Recovery Solution uses information from both the Notification Database and Recovery Solution Database. Note For reports to work, the related data must have been previously collected. For a list and description of Recovery Solution reports, open the Altiris Console and click the Reports tab and then Reports > Incident Management > Recovery Solution. Then click a report folder. Note The Local Reports are available for Local Recovery Pro users. The rest require the full Recovery Solution. You can modify these reports if desired or you can create your own reports. For more information on using reports and creating custom reports, see the Altiris Notification Server Help. Note Depending on your environment (your server and the number of computers being backed up) you may want to schedule reports using date x and date y. Scheduling some or all of these reports will greatly increase report performance when compared to running these reports live. You can then view the saved report runs. Recovery Solution Reference Guide 23 Resource Manager Tools You can use the Resource Manger to do the following: z View recovery-based information about individual client computers z Perform recovery tasks on individual computers z Create and view collections of computers To view the Resource Manager for a computer, click the computer item in either a report or collection. From a collection, you can also right-click a computer to perform recovery tasks on that computer. For more information, see Viewing Recovery-related Information about Individual Computers Using the Resource Manager (page 114). Recovery Solution Reference Guide 24 Part I Using Recovery Solution This section explain how to use Recovery Solution. The following chapters describe tasks that you can perform using Recovery Solution components in the Altiris Console: z Installing Recovery Solution (page 26) z Getting Started with Recovery Solution (page 46) z Recovery Solution Agent Installation (page 51) z Configuring Recovery Solution (page 75) z Recovery Solution Tasks (page 114) z Advanced Snapshot and Recovery Procedures (page 128) z Using Recovery Solution Reports and Job Queue (page 153) Part II contains chapters that explain how to use the Local Recovery Agent on client computers. Part III contains chapters that include troubleshooting and technical reference information. Recovery Solution Reference Guide 25 Chapter 2 Installing Recovery Solution This section lists the Recovery Solution product requirements and explains how to install Recovery Solution. z Recovery Solution Server Component Requirements (page 26) z Recovery Solution Client Component Requirements (page 30) z Installing Recovery Solution Server Components (page 34) z Installing Recovery Solution Client Components (page 42) z Upgrading Recovery Solution (page 42) z Licensing Recovery Solution (page 44) z Uninstalling Recovery Solution (page 44) For information on installing the Recovery Agent, see Recovery Solution Agent Installation on page 51. For information on installing Local Recovery Pro, see Installing the Recovery Agent in Local Mode on page 60. Recovery Solution Server Component Requirements This section lists the requirements of the computers that run the various components of Recovery Solution. Recovery Solution runs under Altiris Notification Server 6.0 SP3 and above. For a list of requirements to run Notification Server, please see the Altiris Notification Server Reference or help. The specific Recovery Solution configuration needs depend on your specific situation. The requirements depend on the number of client computers to be protected and on the homogeneity of the data on those computers. Software Requirements Software Description Operating System z Windows Server 2003 z Windows Server 2003 R2 z Windows Server 2000 SP2 or later z Microsoft SQL Server 2000 SP3 or later z Microsoft SQL Server 2005 Microsoft Windows Internet Information Services (IIS) z Microsoft IIS 5.0. This component is not installed by default with Windows 2000 or later. For Windows 2003, ASPNET needs to be enabled. Web Browser z Microsoft Internet Explorer 6.0 or later Altiris Software z Altiris Agent 6.0 SP3 or later SQL Database Recovery Solution Reference Guide 26 For Recovery Agent requirements, see Recovery Agent Requirements (page 51). Note If you have previously installed Local Recovery Pro on this computer before Notification Server was installed, after you have installed Notification Server, you will need to reinstall Local Recovery Pro for it to be recognized by Recovery Solution. See also: Setting up Recovery Solution Prerequisite Components (page 27). Setting up Recovery Solution Prerequisite Components You may need to perform the following steps before you can install Recovery Solution: z Configuring the Load Balancer (page 27) z Configuring the SQL Database (page 28) z Install the Altiris Agent (page 29) Configuring the Load Balancer If you will be using more than one Recovery Solution Server, you must use a load balanced cluster of servers. Recovery Solution supports the following load balancing technologies: z Microsoft Network Load Balancing z BIG IP by F5 Networks, Inc. The load balancer should be installed according to the installation instructions of the manufacturer. Microsoft Network Load Balancing Tips Microsoft Network Load Balancing uses a virtual IP and MAC address. If the network hardware is not setup correctly, it can cause network collisions to occur. To prevent this we recommend the following: z All Recovery Solution Servers are connected to a network hub z The network hub is connected to a programmable switch on your network z Program the switched port address table with the Network Load Balancing virtual MAC address. Example: if your hub is plugged in to port 8 on your switch, program the switch that the Virtual MAC address is connected as port 8. Configuring the BIG IP Controller Health Monitors BIG IP health monitors verify connections and services on nodes that are members of load balancing pools. The monitor checks the node at a set interval. If the node does not respond within a specified timeout period, the node is marked down and traffic is no longer directed to it. By default, an ICMP (Internet Control Message Protocol) monitor is associated with every node that is a member of a load balancing pool. This monitor is of the simplest type, checking only the node address and checking only for a ping response. To change the interval and timeout values of this default check, or to check specific services on a node, you need to configure a custom monitor or monitors to add to the default monitor. For the default icmp monitor, we select the icmp monitor template, as shown below: Recovery Solution Reference Guide 27 monitor type icmp { interval 5 timeout 16 dest * } The ICMP monitor template has three attributes: interval, timeout, and dest, each with a default value. (All monitor templates have these three basic attributes). For the default monitor, template ICMP is used as is, that is, as monitor ICMP with its default attribute values. To change any of these default values, you would need to create a custom monitor based upon ICMP, for example, my_icmp. Only the values that are actually to be changed would need to be specified in the definition of the custom monitor. Therefore, if you wanted to change the timeout values only, you would define the custom monitor as follows: b monitor my_icmp ’{ use icmp timeout 20 }’ This would create a new monitor in /config/bigip.conf, as show below: monitor my_icmp{ #type icmp use "icmp" interval 5 timeout 20 } You can display this monitor using the following command: b monitor my_icmp show Once the custom monitor exists, you associate it with a node or nodes using the Configuration utility or the bigpipe node command. Example: b node 11.11.11.1 11.11.11.2 11.11.11.3 monitor use my_icmp Note The nodes are identified by IP address only. ICMP can ping addresses only, not specific ports on addresses. This creates three instances of monitor my_icmp, one for each address. You can display the instances using the command b node monitor my_icmp show. Configuring the SQL Database If you plan to authenticate to the SQL Server using a Windows account, and if the SQL Server is set to Windows authentication mode only, you must set it to SQL Server and Windows (mixed) mode for Recovery Solution Server to work correctly. Caution If you are using the Microsoft SQL 2005 Server, the sys.xp_cmdshell component is required before you can create a Recovery Cluster. To enable the component, go to SQL Server 2005 Surface Area Configuration > Surface Area Configuration for Features > xp_cmdshell and select the Enable xp_cmdshell checkbox. After the Recovery Cluster creation is complete, the component can be safely disabled. Recovery Solution Reference Guide 28 To check or change the SQL authentication mode 1. Open the SQL Server Enterprise Manager (Start > Programs > Microsoft SQL Server > Enterprise Manager). 2. Right-click the SQL Server group you want to configure. 3. Click Properties. 4. Click the Security tab. 5. Under Authentication, select SQL Server and Windows. 6. Click OK. 7. Stop and restart the SQL service. For more information, see your SQL Server documentation. Install the Altiris Agent All potential servers and computers you want to manage must have the Altiris Agent installed if you have not done so already (through the use of other Altiris solutions that require the agent). When installing the agent, you specify the computers on which to install the agent. For large numbers of computers, you can use the Resource Discovery and Network Discovery features of Notification Server to discover the computers on your network and create a list from which you can select the computers on which to install the agent. If you have only a few computers to manage, such as during an evaluation, you can skip computer discovery and perform the agent installation procedure. Resource Discovery is used to discover Windows computers. The following procedure describes how to use this feature. Network Discovery can discover computers using Ping, Circular DNS resolution, SNMP, and NetBIOS name and domain. You can discover Linux/UNIX, Mac OS, and Windows computers. For details, see the Network Discovery Product Guide, which you can access from the Altiris Web site (altiris.com/support/documentation) or the Altiris Documentation page in the Altiris Console. You need administrator rights to install the Altiris Agent. For more information on the Altiris Agent, see the Notification Server documentation. To discover Windows computers using Resource Discovery 1. On the Notification Server computer, select Start > All Programs > Altiris > Altiris Console to open the Altiris Console. 2. In the console, click the Configuration tab. 3. In the left pane, select Configuration > Server Settings > Discovery Methods > Resource Discovery. 4. In the content pane, click and select the domains in which to search for computers. Optionally, enter the name of a domain and click 5. . Select the discovery methods you want to use. You must select at least one method. Recovery Solution Reference Guide Select the Domain Browse List option to discover computers (including Windows 98) that are currently sharing files. 29 Select the Domain Membership option to discover computers that have trust accounts in the domain and are running Windows NT, 2000, XP, and 2003. This method will not find any Windows 98 computers. 6. Click Discover Now. 7. After the discovery process completes, click Apply. The computers in the specified domains are discovered and can be selected to receive the agent. To install the Altiris Agent This procedure does not work with Windows 98 computers. For these operating systems, see the “Pull Method” in the Notification Server documentation. 1. On the Notification Server computer, select Start > All Programs > Altiris > Altiris Console to open the Altiris Console. 2. In the console, click the Configuration tab. 3. In the left pane, select Configuration > Altiris Agent> Altiris Agent Rollout> Altiris Agent Installation. 4. In the content pane, do one or both of the following: If you did not perform a computer discovery (because you only have a few computers on which you want to install the agent, such as during an evaluation) or you want to specify a computer manually, enter the name of the computer on which you want to install the agent in the field next to the Add button, and then click Add. Repeat this for all computers on which you want to install the agent. If you performed a computer discovery, click Select Computers. In the dialog that opens, select the computers to which you want to install the agent. Click OK. Note The fact that a computer can be discovered does not mean that you can push the agent to it. The computer must be running an operating system that supports having agents pushed to it. 5. Click Install Altiris Agent. The Options page opens to let you set configuration properties for the Altiris Agent. 6. Select the Show the Altiris Agent icon in the system tray option. 7. Click Proceed with Install. The Altiris Agent is installed to the computers. Recovery Solution Client Component Requirements The Recovery Agent is installed on Windows-based client computers. Recovery Agent Requirements This section lists the requirements for the Recovery Agent in the following topics: z Requirements for Running the Recovery Agent in Server-based Mode (page 31) z Requirements for Running the Recovery Agent in Local Mode (Local Recovery) (page 33) Recovery Solution Reference Guide 30 z Important Issues with Using the Recovery Agent and BootWorks Partitions (page 34) Requirements for Running the Recovery Agent in Server-based Mode Minimum Requirements (server-based) Operating System One of the following: z Windows Vista (32-Bit or 64-Bit Edition) z Windows Server 2003 (32-Bit or 64-Bit Edition) z Windows XP Professional (32-Bit or 64-Bit Edition) z Windows 2000 SP4 (Professional, Server, or Advanced Server) z Windows 98 SE (Second Edition) Note Multi-boot configurations are not supported. Additional Software z Microsoft Internet Explorer 5.0 or later Disk Space z At least 10 MB of free disk space is required to store client software. z Additional free disk space might be needed for DCOM and Dial-Up Networking updates required to use Recovery Solution. z For Full System Snapshot with Full System Recovery capability: Requires additional free disk space (after installation) equivalent to the size of the Windows registry. (20 MB should be sufficient in most cases.) z For recoveries (including Full System Recovery): Free disk space required is the greater of 1% of total disk space, or the size of the largest file on the drive. z TCP/IP network or RAS connection z Windows domain account for each user z If you have a firewall, you must have ports 80, 137, and 43190 opened in order for the Recovery Agent to register with the Recovery Solution Server. z 10 Mbit connection recommended for first snapshot z 28 Kbit or faster connection for subsequent Full System Snapshot Windows Networking Network Connection Recovery Solution Reference Guide 31 Other Hardware Display Altiris Software Recovery Solution Reference Guide For Full System Recovery z Bootable CD-ROM or DVD-ROM drive, or z CD-ROM or DVD-ROM drive and 3.5-inch 1.44 MB floppy drive z Full System Recovery currently does not support the use of software RAID controllers. A limited number of hardware RAID adapters is supported. z 800 x 600 or greater screen resolution z 256 or more colors z Altiris Agent 6.0 or later 32 Requirements for Running the Recovery Agent in Local Mode (Local Recovery) Minimum Requirements (Local Recovery and Local Recovery Pro) Note The Standard version of Local Recovery can only be installed on computers manufactured by Altiris partners. Local Recovery cannot be installed and run on computers with AMD K6-2 processor. Operating System One of the following: Microsoft Windows 2000 SP4 Microsoft Windows XP Home Microsoft Windows XP Professional (32-Bit or 64-Bit Edition) Microsoft Windows Server 2003 (32-Bit or 64-Bit Edition) Microsoft Windows Vista (32-Bit or 64-Bit Edition) Disk Drives and Space The following drive types are supported by Local Recovery and Local Recovery Pro: IDE Serial ATA* SCSI* Note To run the Recovery Agent in local mode, you must have enough free space on the local hard drive to store your snapshots. We recommend that you have between 40% and 50% of your hard drive free of space. This free space must exist within the existing primary partition for Local Recovery. Non-partitioned free space is not required. The Altiris Partition requires contiguous free space on the drive. For best results, run a disk defragmentation utility on the drive before installing. If the drive does not have enough contiguous free space, you will get an error stating “Altiris Recovery Agent failed to create initial image of the system.” For more information, see “Troubleshooting: Problems Installing the Local Partition” in the Recovery Solution Reference Guide. Display Other Hardware Local Mode Prerequisite Package z 800 x 600 or greater screen resolution z 256 or more colors For Full System Recovery from DVD z Bootable DVD-ROM drive The Local Mode Prerequisite Package contains the Recovery Agent Partition component and must be distributed to clients prior to running the Local Recovery Agent setup. *For a list of supported devices, see Hard Disk Support on page 297. Recovery Solution Reference Guide 33 Important Issues with Using the Recovery Agent and BootWorks Partitions Note The following information only applies to Deployment Solution 6.1 or older. Newer versions of Deployment Solution are compatible with Recovery Agent. Recovery Solution, when configured to run in local snapshot mode, stores the contents of snapshots in the hidden Altiris Partition on the computer’s hard drive. If you use Altiris® Deployment Solution™, computers may already have an embedded BootWorks partition on the hard drive. Currently, it is not possible for an embedded BootWorks partition and the Altiris Partition to reside simultaneously on the same physical drive. If you have an embedded BootWorks partition and you want to install the Recovery Agent and create an Altiris Partition, you will have to first uninstall the BootWorks partition (otherwise the Recovery Agent installation will be stopped). If you wish to use a BootWorks partition and have computer backup and recovery capabilities, you must use Recovery Solution in server-based mode only. Caution If you have the Recovery Agent and the Altiris Partition installed on a computer, and then you install a BootWorks partition, the BootWorks partition will not recognize that the Altiris Partition exists and, without warning, will delete the Altiris Partition and all snapshot data and the space will be lost! Uninstalling BootWorks If you want to uninstall BootWorks so you can use an Altiris Partition, you can use one of the following methods: z Using the bwinst -u command z Using Boot Disk Creator to create a BootWorks Windows Uninstall Package that can be deployed to computers For more information, see the “Uninstall BootWorks” section in the Altiris Deployment Solution Product Guide. Installing Recovery Solution Server Components This section contains instructions for installing Recovery Solution on your Notification Server. z Installing Recovery Solution Program Files (page 34) z Creating a Recovery Solution Cluster (page 36) z Adding Recovery Solution Servers to a Recovery Cluster (page 40) z After Server Installation Is Complete (page 41) Installing Recovery Solution Program Files After Notification Server has been installed, you can install Recovery Solution. The installation creates log files that record operations and errors that occurred during installation. For more information, see Check for Errors on page 41. Recovery Solution Reference Guide 34 Caution Do not install an evaluation version of Recovery Solution on a computer that already has a licensed installation of the solution. Doing so might cause loss of protected data. Notes You must be logged onto the computer as a user with administrative rights in order to install the solution. The Windows computer name of the server must contain only letters (a–z), numerals (0–9), and the hyphen character (-), and it must be no more than 15 characters long. In addition, the DNS host name configured in TCP/IP properties must match the Windows computer name. Make sure that file sharing for Microsoft networks is enabled before you start Setup. During installation, if you see an error message indicating that Setup could not start the SQL ServerAgent service, then the service is already started. You must stop the service manually using Control Panel before you can continue the installation. If you configure Recovery Solution to use a different database server than the Notification Database server, and if the Recovery Solution DBMS is configured with a different collation than the Notification Server's DBMS, then some reports may not run properly. To avoid this problem, make sure the DBMS on each database server is configured to use the same default collation. If the server has an A4 Tech Mouse, make sure that the A4 drivers are installed. If you rely on the default Windows mouse drivers, Recovery Solution Server Setup might not be able to complete successfully. If an error appears saying that the installer has insufficient privileges, as a workaround, you can try clicking Retry in the error dialog. To install Recovery Solution 1. 2. Access the Recovery Solution setup file: Option 1: From the Altiris Console through the Solution Center Option 2: From the files downloaded from the Altiris Web site Start the installation: a. In the Altiris Console, click the Getting Started tab. b. Click Install Altiris Solutions from the Solution Center. c. At the top of the page, under the Available Solutions tab, click the Solutions button. d. Click Altiris Recovery Solution. e. Click Start. This extracts the setup files and launches the installation wizard. 3. From the setup wizard Welcome page, click Next. To accept the license agreement, click I accept the terms in the license agreement and click Next. Recovery Solution Reference Guide 35 4. To start the installation, click Install. 5. After Recovery Solution has been installed, click Finish. The program files will be installed on the computer. You must now create a Recovery Solution cluster even if you are going to have a single server. By default, after you have installed Recovery Solution, the Cluster Creation Wizard will open automatically. For more information, see Creating a Recovery Solution Cluster on page 36. Note If the Web page does not appear, you need to add the host name to the trusted sites for internet explorer. Creating a Recovery Solution Cluster After you have installed the Recovery Solution program files, you need to create and configure a Recovery Solution Cluster. You must create a cluster even if you are going to have only one Recovery Solution Server. The Cluster Creation Wizard guides you through the cluster creation process. Note For information on how to configure a dedicated Recovery Solution Server for handling only server jobs, see General Settings on page 97. To create a Recovery Solution Cluster using the Cluster Creation Wizard 1. By default, after you have installed Recovery Solution, the Cluster Creation Wizard will open automatically. If you need to launch the wizard manually, do the following: 2. a. Open the Altiris Console by selecting Start > Programs > Altiris > Altiris Console. b. Click the Configuration tab, then select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Rollout. c. Click the Recovery Solution Cluster Creation. d. In the right content pane, click Launch Cluster Creation Wizard. Specify the cluster name. These values can be changed later. a. Enter a cluster name. This name will appear in the Altiris Console and will not be visible to client computers. b. Enter a cluster network address. This is how the cluster will be identified to client computers. If this will be a non-balanced cluster (containing only one Recovery Server), then you can use either a name (such as the Recovery Server computer name) or the server IP address. The name and the address can be the same if you choose to do so. If this will be a balanced cluster (containing more than one server), then enter the address of the virtual HTTP server created on the load balancer. For more information, see Configuring the Load Balancer on page 27. Recovery Solution Reference Guide 36 3. c. (Optional) If you want to configure a balanced cluster, select the Enable cluster load balancing support checkbox. d. (Optional) Enter the IP address or DNS name of the load balancer. e. Click Next. Specify the communication protocol. You can choose from three connection types: DCOM HTTP HTTPS If you are configuring a balanced cluster, you can only choose either HTTP or HTTPS. If you are using a non-balanced cluster, you can use any of the three. Generally, using DCOM can provide faster communication by as much as 10-20%. However, DCOM may not work well behind firewalls or on slow WAN connections. In those cases, HTTP is the preferred option. Notes This setting is for how the Cluster will communicate to the Client for the install of the Recovery Agent. The Agent can be configured to use a different protocol after install has completed. For HTTP and HTTPS, ports 8080 and 8081 should not be used as binding ports used by Recovery Solution if Altiris Deployment Server is installed on the same Notification Server. Both HTTP and DCOM are used for communication between Recovery Solution Server and Notification Server. 4. Enter the SQL server name that you want the Recovery Solution Database installed on. You can specify either a local or remote instance of a SQL server. Caution If you are using the Microsoft SQL 2005 Server, the sys.xp_cmdshell component is required before you can proceed creating the Recovery Cluster. To enable the component, go to SQL Server 2005 Surface Area Configuration > Surface Area Configuration for Features > xp_cmdshell and select the Enable xp_cmdshell checkbox. After the Recovery Cluster creation is complete, you can safely disable the component. Local Instance Notes By default, setup uses the default instance of the local SQL server (MSSQLSERVER). If the default instance of the local SQL server is not found, then the cluster creation wizard will try to enumerate non-default local SQL instances. If more than one nondefault instances is found, setup will use the first found instance and the user will be informed by a Multi-Instance SQL Server page. The SQL server instance that will be used will be displayed. The full SQL server name is specified in the following format: Recovery Solution Reference Guide 37 <SQL Server_name>\<SQL instance name> For a default SQL server instance (MSSQLSERVER) the name of the SQL server is: <SQL Server_name> a. Select one of the following authentication modes that you use to connect to the SQL server: Windows authentication (logged on user) SQL Server login - particular SQL server user The specified account must have administrative rights for the selected SQL server. For more information, or if you get an error about Windows authentication, see Configuring the SQL Database on page 28. b. Click Next. If you get an error that the server cannot be found, click Back to go to the Connection Type page, and click Next again. 5. Configure the database and data storage options. Caution Do not place the SQL Server database and log in a compressed or encrypted location. a. Accept the default database name or specify a new one. b. Specify the storage location and the size and location of your Recovery Solution database. The path must be local to the SQL Server computer. c. Specify the storage location and the size and location of your Recovery Solution log. The path must be local to the SQL Server computer. d. Specify the user name and password that will be used to connect to the Recovery database. Note If another cluster already exists on the server computer, the existing user name and password will be used. To change the existing Recovery database user credentials, see General Settings (page 97). Caution Two or more Recovery Solution clusters created on one or more server computers and connecting to the same SQL server must use the same Recovery database user credentials. e. 6. Click Next. Configure data storage points and their size. a. Enter the data (blob) file size in Mb. The maximum size of a single data file is 2000 Mb. b. To add a storage location, click Add (you must specify at least one location). Data storage location. To use a data location on the same computer where Recovery Solution Server will be installed, enter a local path, such as C:\AeXRSData. To use a data location on a different computer, enter an IP Recovery Solution Reference Guide 38 address, DNS name, or computer name where hard drive space will be used. The format for entering this information is \\<servername>\<sharename>\<directory>. Note A local server path cannot be used in a balanced cluster. Maximum space (Mb): Enter a maximum space limit (Mb), or enter 0 for unlimited. This is the maximum amount of space on this location to be used. Example: if you set a 1000 Mb maximum space limit and 200 Mb data file size, then 5 data files can be created on this location. If this is a remote location, provide authentication credentials. Notes Use domain (not local) user credentials, otherwise the storage location will be inaccessible. You probably do not have to specify credentials for local storage locations. A remote share permissions and folder security must be configured to allow full access to the user accessing the share. You must not add network storages located on computers from domains, which are not trusted by the Recovery Server domain. Also, do not use the credentials of users from the non-trusted domains to access the storage locations. Storage status will be reported ‘Inaccessible’ after adding such storages. The reason is that Recovery Server cannot be impersonated under a user account from a nontrusted domain. 7. c. Click OK. d. Click Next. Configure Recovery Solution Server users. The two default groups are: AeXRS_Users Each member of this group will be given the access rights to protect its own data with Recovery Solution. AeXRS_Managers Each member of this group will be given the access rights to other users’ data through Web Based File Recovery and Migration utility. User Group is the name of Microsoft Domain Group to be used by Recovery Solutions Users are a list of the current users in that group. You can either add more users to or remove users from this group. a. To remove a user, highlight the user you want to remove and click remove. b. To add user or group, click add, see To add a user or domain group to a Recovery Solution Cluster (page 108). Recovery Solution Reference Guide 39 c. Enable the Allow web-based restoration for all users option to allow for Web Based File Recovery to be available for all protected users after the cluster creation. d. Click Next. 8. Review the Recovery Solution Server Summary to confirm your selections. 9. To proceed with your selections, click Next. 10. To make any changes, click Back and change your selection options and then finish the wizard. After completing the wizard, an empty cluster is created. You must add at lease one server to the cluster. To see and manage the cluster settings, click the cluster node under the Recovery Cluster Configuration folder. For more information, see Recovery Solution Cluster Configuration (page 96). Adding Recovery Solution Servers to a Recovery Cluster After you have created a cluster, you can add one or more servers to the cluster. Notes You should avoid adding stand-alone servers, which are not members of a trusted domain or use local authentication, to a Recovery Solution Cluster, because your protected users will not be able to authenticate on such servers. The problem can appear even when Recovery Server is a member of a trusted domain if this domain has no trust for all the domains where Notification Server has trusting set up. If no servers offered for installation in Recovery Solution Server Install policy. The problem may appear because of following reasons: You have not Windows Servers with Altiris Agent installed. Recovery Solution Server can only be installed on either Win2003 or W2k Server. All your Windows Servers already have either Recovery Solution Server or Recovery Solution Agent installed. Recovery Solution Server cannot be installed to computer with Recovery Solution Agent. Inventory is not yet received from this server or collections not yet updated. To resolve the problem go to the Recovery Solution Cluster Configuration folder -> “Computers where Recovery Solution Server can be installed” collection and press Refresh button. If no computers appeared in the collection after this, then most probably you should wait inventory sending or accelerate the process manually. If you install the Recovery Server on Windows 2003 running Windows Firewall service (enabled by default on Windows 2003 Server with Service Pack 1), the Altiris Recovery Server Host Manager (ping service) will open the port 43190 in Windows Firewall on service start up. This port must be open during Recovery Server operations. To add a server to a cluster 1. Open the Altiris Console by selecting Start > Programs > Altiris > Altiris Console. Recovery Solution Reference Guide 40 2. Click the Configuration tab, then select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the Recovery Solution Server Install task. 4. In the right content pane, select the cluster you want to add a server to. 5. Click the Add Server 6. Select the computer you want to install as a Recovery Solution Server. 7. Click OK. 8. (Optional) To override default installation folders, click Installation Settings. 9. Select the Cluster to install the server to. icon. 10. Click Install Server. 11. You can accept the default installation settings or changes them. Click Proceed with Install. It will take a few minutes for the server component to install. The rollout page shows the status of the server rollout process. Click the Refresh the page. icon to refresh Note If you install Recovery Server on Windows 2003 without a service pack, the Internet Sharing Configuration dialog box will appear during installation on the server computer asking you to give the C:\Program Files\Altiris\Recovery Solution\Server\Ahms.exe permission to edit this computer’s Internet Connection Protection settings. Click Yes to let the Altiris Recovery Server Host Manager (ping service) open the port 43190 in Windows Firewall. This port must be open during Recovery Server operations. After the installation is complete, the server will appear in the list of servers for the cluster under the Servers tab of the cluster properties page. Altiris Recovery Solution Server will also appear in the Add/Remove Programs list on the computer it was installed on. To view the servers tab of the cluster properties page 1. Click the cluster node in the Recovery Solution Cluster Configuration folder. 2. Click the Servers tab. 3. Click the Refresh icon. After Server Installation Is Complete After the Setup program for Recovery Solution Server is complete, you should perform the following steps before continuing. Check for Errors The Recovery Solution Server installation creates log files that record operations and errors that occurred during installation. The log files are text files that you can open in a text editor (such as Notepad). If any problems occurred, you should see them listed Recovery Solution Reference Guide 41 here. AeXCRSS.log lists all the high and medium level operations that server setup performed. During installation, AeXCRSS.log is created in the temporary folder that is used for server installation (by default, C:\WINNT\Temp). After installation is complete, this file is copied to the folder where the Recovery Solution Server is installed (by default, C:\Program Files\Altiris\Recovery Solution\Server). You may want to open these files to verify that there are no error messages before continuing with your use of Recovery Solution. Schedule Automatic Updates of Report Data For more information, see Using Recovery Solution Reports and Job Queue on page 153. Installing Recovery Solution Client Components For information, see Recovery Solution Agent Installation on page 51. Upgrading Recovery Solution Before upgrading Recovery Solution we strongly recommend making a full offline backup of the Recovery Solution SQL Server database. For information, see Recovery Solution Infrastructure Backup and Restore on page 290. Important Upgrades from versions earlier than Recovery Solution 6.1 are not supported. For information on upgrading previous Recovery Solution installations to version 6.1 or later, see corrensponding solution documentation. Upgrading from a previous 6.2 version or 6.1 requires the following steps: To install Recovery Solution through the Solution Center 1. In the Altiris Console, click the Getting Started tab. 2. Click Install Altiris Solutions from the Solution Center. 3. At the top of the page, under the Available Solutions tab, click the Solutions button. 4. Click Altiris Recovery Solution. 5. Click Start. This extracts the setup files and launches the installation wizard. 6. To start the installation, click Install. Note By default, after you have installed Recovery Solution, the Recovery Solution Cluster Upgrade policy will open automatically after the completing of the Solution upgrade. See also: Upgrading Recovery Solution Clusters (page 42) Upgrading Recovery Solution Clusters After you have upgraded the Recovery Solution program files, you must upgrade your Recovery Solution Clusters. Recovery Solution Reference Guide 42 During the installation on Recovery Solution, a Recovery Solution Cluster Upgrade policy is created. Use this policy to perform the upgrade process. To upgrade a cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab, then click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Rollout. 3. Click the Recovery Solution Cluster Upgrade node. 4. (optional) Select After Cluster upgrade, automatically start Recovery Solution Server(s) upgrade. 5. In the right pane, click Start Upgrading Clusters. The Cluster begins to upgrade. If the After Cluster upgrade, automatically start Recovery Solution Server(s) upgrade checkbox was selected, the servers also upgrade; otherwise, you must, otherwise you must upgrade the servers manually. When the upgrade is completed you will need to restart the computer. It will take a few minutes for the server component to install. To view the status of the server upgrade or to launch upgrade of the servers manually, see the Servers tab of the cluster properties page or the Recovery Solution Server Upgrade policy on the Configuration tab of the Altiris Console (Configuration > Solution Settings > Incident Management > Recovery Solution Clusters > Recovery Solution Cluster Configuration). Notes After Recovery Server is upgraded, Recovery Solution Agent needs to be upgraded on client computers. For details, see Upgrading Recovery Agent on page 66. If the server upgrade failed, you can restart the upgrade by executing Setup.exe from \\<NS Server>\NSCAP\Bin\Win32\X86\Recovery Server Package location. The Start Recovery Solution Server(s) upgrade will only create and activate a Recovery Solution Server software delivery policy that may arrive at the Recovery Solution Server computer after a delay (when the computer requests the configuration from the Notification Server). If you wish to speed up the policy delivery process, on the Recovery Solution Server computer, use the Altiris Agent to request the configuration (right-click on the Altiris Agent Icon, select the Altiris Agent details and then click Update Configuration). We do not recommend clicking Reboot the computer(s) with the Recovery Solution Server after a successful upgrade is completed if Recovery Solution Server is installed on the same machine with Notification Server or there are several Recovery Solution Clusters installed on the Notification Server. It is possible that the Notification Server computer restart during the Recovery Solution SQL database upgrade may corrupt the database. Recovery Solution Reference Guide 43 Licensing Recovery Solution Each Altiris product comes with a 7-day trial license that is installed by default. You can register and obtain a 30-day evaluation license through our Web site at www.altiris.com or purchase a full product license. To view your current license, open the Altiris Console, click the Configuration tab and then Licensing. For more information, click the help button on the Licensing page. Uninstalling Recovery Solution This section describes how to uninstall Recovery Solution: z Uninstalling a Recovery Solution Cluster (page 44) z Uninstalling a Recovery Solution Server (page 44) z Uninstalling the Recovery Solution (page 45) Note We recommend uninstalling the Recovery Agent software from the client computers before uninstalling the solution. For details, see Uninstalling the Recovery Agent on page 73. Uninstalling a Recovery Solution Server This section explains how to uninstall an existing Recovery Solution Server. To uninstall a Recovery Solution Server 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab, and then click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the Recovery Solution Server Uninstall node. 4. Select a cluster to view a list of servers assigned to that cluster. 5. Select the server to uninstall. 6. Click Uninstall Server. 7. Click Yes to confirm that you want to uninstall the server. Uninstalling a Recovery Solution Cluster This section explains how to uninstall an existing Recovery Solution Cluster. This will uninstall all servers assigned to this cluster, the database is deleted, and then the cluster is deleted from the Notification Database. Recovery Solution Reference Guide 44 Note This does not remove the BLOB files in the storage. You must manually delete the files after deleting the storage. All Recovery Servers attached to the cluster will be automatically uninstalled after the cluster removal. To uninstall a Recovery Solution Cluster 1. Open the Altiris Console by selecting Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab, and then select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Uninstall. 3. Click the Recovery Solution Cluster Uninstall node. 4. Select the cluster to uninstall. 5. Click Start Uninstalling Cluster. 6. Click Yes to confirm that you want to uninstall the cluster. Uninstalling the Recovery Solution This section describes how to uninstall Recovery Solution from the Notification Server. For information on uninstalling the Recovery Agent, see Uninstalling the Recovery Agent (page 73). To uninstall Recovery Solution and/or the Recovery Solution Server 1. From the Windows Start menu, select Settings > Control Panel Add/Remove Programs. 2. Click the component that you want to remove. The Altiris Recovery Solution Server and Altiris Recovery Solution (the application) are separate items. For a complete uninstall, remove both. 3. Click Remove. 4. Follow the instructions on the screen. For more information on uninstalling Notification Server components, see the Altiris Notification Server Help. Recovery Solution Reference Guide 45 Chapter 3 Getting Started with Recovery Solution The Getting Started tasks guide you through the basic setup, configuration, and use of Recovery Solution. Each task has a procedure and, in many cases, exercises to illustrate the steps of the procedure. There are two methods for performing each task: the Quick Start page and the Altiris Console. The Altiris Console is the primary interface for Altiris solutions. The Quick Start page provides access to setup, configuration, and basic tasks in a central location. You can access the Quick Start by doing the following: From the Altiris Console: 1. In the Altiris Console, click the Tasks tab. 2. In the left pane, select Tasks > Quick Starts. 3. In the content pane, select Recovery Solution Quick Start. From the Start Menu 1. In the Start Menu, click Start > Programs > Altiris > Quick Starts> Recovery Solution. Getting Started tasks z Creating a Recovery Solution Cluster (page 47) z Adding Recovery Solution Servers to Clusters (page 47) z Installing the Recovery Agent (page 47) z Configuring a Recovery Solution Cluster (page 49) z Monitoring the Recovery Solution Job Queue (page 49) z Running Reports (page 50) z Running Recovery Solution Utilities (page 50) z Verifying the Recovery Agent Installed (page 49) Prerequisites for Getting Started tasks z Notification Server 6.0 SP3. z Recovery Solution installed on the Notification Server. See Installing Recovery Solution (page 26). z One or two client computers to be configured as protected computers. See Recovery Agent Requirements (page 12). z Configure and install the Altiris Agent on the client computers. See Install the Altiris Agent (page 29). Recovery Solution Reference Guide 46 Note The Altiris Agent is not required in order to install and use stand-alone Local Recovery or Local Recovery Pro Agent. Creating a Recovery Solution Cluster By default, you had the option to create a Recovery Solution Cluster when you installed Recovery Solution. If you have not yet created a cluster, you can do so now. You must create a cluster before you can install any Recovery Solution Servers. To create a new cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab and select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Rollout. 3. Click the Recovery Solution Cluster Creation node. 4. In the right pane, click Launch Cluster Creation Wizard. For information, see Creating a Recovery Solution Cluster (page 36). Adding Recovery Solution Servers to Clusters After you have created a cluster, you must add one or more servers to the cluster. To add a server to a cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab and select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the Recovery Solution Server Install task. The wizard will guide you through the process of installing a server. For information, see Adding Recovery Solution Servers to a Recovery Cluster (page 40). Installing the Recovery Agent Recovery Solution provides different options for installing the Recovery Agent on client computers. For information, see Recovery Agent Installation Options (page 51). Using Notification Server polices is the easiest way to roll out (push) the Recovery Agent to computers on your network is . To use rollout polices, the target computers must be discovered and have the Altiris Agent installed. It is helpful to have a working knowledge of policies, packages, programs, and collections (see the Altiris Notification Server Help). For information on installing the Altiris Agent, see Install the Altiris Agent (page 29). By default, these policies will perform tasks without any user intervention and will not cause a restart of the client computer. Recovery Solution Reference Guide 47 Note The user should manually restart the computer before using the Recovery Agent. You can also configure the policy to force a restart if your choose. Each policy uses the Recovery Agent installation file, AgentSetup.exe, with various command-line switches. AgentSetup.exe is located in the following folder: C:\Program Files\Altiris\Notification Server\NSCap\Bin\Win32\X86\Recovery Agent Package Install the Recovery Agent using rollout policies 1. From the Altiris Console, click the Configuration tab. 2. In the left pane select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Rollout. 3. Click the RS Agent Install policy. 4. In the right pane, select the Enable checkbox to enable the policy. 5. Verify the program name is configured for Install RS Agent. 6. (Optional) To have the client computer automatically restarted as part of the task, select the Reboot computers checkbox. Note The users logged on the client computers will be shown the default reboot prompt dialog that contains countdown timer and if user neither clicks Snooze nor Restart, the computer will be restarted automatically in 60 seconds. If no user is logged on at the target computer, the reboot will be performed automatically. The default reboot prompt will be shown or automatic reboot will be performed even if Recovery Agent rollout fails, if the Reboot computers checkbox was selected. 7. (Optional) To prevent the agent from performing an initial snapshot select the Disable initial snapshot checkbox. 8. Select the collection that the policy will use. This is the group of computers the policy will be run on. You can use the default or click the collection link to change or add other collections. Note If you are evaluating Recovery Solution solution in a lab environment, you can use the default collection and scheduling options. 9. Select the policy scheduling options. For information on configuring policies, see the Altiris Notification Server Help. 10. Click Apply. Recovery Solution Reference Guide 48 Verifying the Recovery Agent Installed You can view a collection that includes all the client computers that have the Recovery Solution Agent installed. To access the Computers with RS Agent Installed collection 1. From the Altiris Console, click the Configuration tab. 2. In the left navigation pane, click Configuration > Solution Settings > Incident Management > Recovery Solution> Recovery Agent Rollout > Computers with RS Agent installed. Several other collections available on the Configuration tab are useful for deploying Recovery Agent and tracking the agent status on client computers. These collections are located at Configuration > Solution Settings > Incident Management > Recovery Solution> Recovery Agent Rollout. Configuring a Recovery Solution Cluster You can configure the settings for cluster at any time. You can configure server job schedules, event notifications, storage management, and communication settings. You can also manage Recovery Servers and cluster users. To modify cluster settings, use the cluster properties page. To configure an existing cluster 1. In the Altiris Console, click the Configuration tab. 2. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the cluster node. For more information on configuring clusters, see Recovery Solution Cluster Configuration (page 96). Monitoring the Recovery Solution Job Queue The Recovery Solution Clusters Job Queue shows all currently running jobs on all clusters. Monitoring the job queue enables you to monitor the job queue. To open the Recovery Solution job queue 1. In the Altiris Console, click the Reports tab. 2. Select Dashboards > RS Cluster Job Queue. This will show all currently running Jobs on all clusters. 3. Click the Show pending jobs icon to show all scheduled jobs as well as currently executing jobs on all clusters. 4. Click the Hide pending jobs icon Recovery Solution Reference Guide to show only current running jobs. 49 5. Click the Refresh the job queue icon to update the current view. Note You can see more details on a client job (like snapshot or rollback) by right-clicking on the job in the list and selecting Details from the drop-down menu. Running Reports Recovery Solution provides the following types of reports: z Client Reports z Local Reports z Server Reports To access Recovery Solution reports 1. In the Altiris Console, click the Reports tab. 2. In the right navigation pane, click the report type and the report you want to use. For more information about reports, see Using Recovery Solution Reports and Job Queue (page 153). Running Recovery Solution Utilities Recovery Solution includes the following utility programs: Tasks Link to information Convert encrypted files on FAT partitions Convert Encrypted Files on FAT Partitions (page 128) Erase the protected computer’s partition table Erasing the Partition Table (page 146) Manage Agent Setup package Manage Agent Setup Packages (page 127) Restore data from Full System Recovery CD or DVD-ROMs Restoring Data From Full System Recovery Media (page 146) Restore data using the Migrate utility Restoring Data with the Migration Utility (page 130) To access Recovery Solution utilities 1. In the Altiris Console, click the Tasks tab. 2. In the left pane, click Tasks > Incident Management > Recovery Solution. Recovery Solution Reference Guide 50 Chapter 4 Recovery Solution Agent Installation The Recovery Agent is software that is installed on computers that allows files on that computer to be backed up. The Recovery Agent can back up files to the Recovery Server (server-based mode), or it can back up files to a special Altiris Partition on the local computer (local mode). In server-based mode, computers that have the Recovery Agent installed and have their files backed up to a Recovery Server are called protected computers. Note If you are using Deployment Solution, before you install the Recovery Agent in local mode, please read Important Issues with Using the Recovery Agent and BootWorks Partitions on page 34. This section describes how to install the Recovery Agent on client computers. The following topics are covered: z Recovery Agent Requirements (page 51) z Recovery Agent Installation Options (page 51) z Installing the Recovery Agent in Server-based Mode (page 52) z Recovery Agent Reinstallation and Repair (page 59) z Installing the Recovery Agent in Local Mode (page 60) z Installing the Recovery Agent in Mixed Mode (page 65) z Installing Recovery Agent Using an Image (page 66) z Upgrading Recovery Agent (page 66) z Using Recovery Agent Rollout Policies (page 67) z Recovery Agent Setup Command-Line Switches (page 69) z Uninstalling the Recovery Agent (page 73) Recovery Agent Requirements The Recovery Agent is installed on Windows-based client computers. For a list of requirements, see Recovery Solution Client Component Requirements on page 30. Recovery Agent Installation Options How you install the Recovery Agent on protected computers depends on the mode you will be running the agent in. It also depends on whether you are using Recovery Solution or Local Recovery Pro with Notification Server, or if you are using Local Recovery or Local Recovery Pro stand-alone. Before installing the Recovery Agent, please read Recovery Solution Client Component Requirements on page 30. Recovery Solution Reference Guide 51 For installation instructions, refer to the following sections: z Installing the Recovery Agent in Server-based Mode on page 52 z Registering the Recovery Agent in Server-based Mode on page 56 z Installing the Recovery Agent in Local Mode on page 60 z Installing the Recovery Agent in Mixed Mode on page 65 z Installing Recovery Agent Using an Image on page 66 The following topics are also available: z Upgrading Recovery Agent on page 66 z Using Recovery Agent Rollout Policies on page 67 z Recovery Agent Setup Command-Line Switches on page 69 z Uninstalling the Recovery Agent on page 73 Installing the Recovery Agent in Server-based Mode When the Recovery Agent is installed in server-based mode, snapshots are stored on the Recovery Server. Any of the following methods can be used to deploy the Recovery Agent in server-based mode: z Recovery Agent Installation Policies (‘Push’ Installation) on page 53 z Interactive Web-Based Agent Setup Wizard (‘Pull’ Installation) on page 53 z Unattended Recovery Agent Installation on page 55 Before you actually deploy the Recovery Agent to users, we recommend that you install the software on one or more computers with typical configurations, then perform snapshots on these computers. This seeds the server with common files, making snapshots faster for other users. To learn more, see Data Protection Performance on page 254. Before deploying the Recovery Agent, you might want to complete the following items: Configuring Recovery Agent Settings (page 75) Full System Recovery Setup (page 133) Notes You can cause the data protection components (which allow snapshots and recoveries) to be disabled by default for all protected computer installations. This might be useful if you want to deploy the software but not activate it immediately. To disable protected computers by default, click Disable Computers By Default on the RS Agent Install policy. For protected computers running 2000/XP/2003, a user with administrator rights on the protected computer must be logged on in order to install the Recovery Agent. No special rights are required to use the software after it is installed. For protected computers running Windows 98, usernames, passwords, and domain names cannot contain extended ANSI characters. These characters have character codes greater than 127 and are commonly used in non-English languages (Example: umlauts and characters with accents). They cannot be used with Recovery Solution Recovery Solution Reference Guide 52 because of a limitation in the Microsoft DCOM security component. Make sure that the Windows domain authenticating user accounts do not have names that contain these characters, and that the usernames and passwords for Windows 98 users with access to Recovery Solution do not contain these characters either. The user who installed Recovery Agent on a protected computer can also re-install it if needed. If users encounter installation problems, see Troubleshooting User Installations on page 208. After the server is upgraded, each protected computer is automatically upgraded the next time it connects to the server. For more information, see Upgrading Recovery Agent on page 66. Recovery Agent Installation Policies (‘Push’ Installation) Using Recovery Agent installation polices, you can deploy (push) the Recovery Agent to computers. This is the recommended way to install the Recovery Agent. For more information, see Using Recovery Agent Rollout Policies (page 67). Interactive Web-Based Agent Setup Wizard (‘Pull’ Installation) The Interactive Web-Based Agent Setup Wizard is an easy method of deploying the Recovery Agent because it requires no interaction on the part of the administrator. Users simply access and run the setup wizard through a Web browser to install the software and create an account on the server. The interactive wizard is setup automatically during installation of the Recovery Server if the server has Microsoft Internet Information Server (IIS) version 4.0 installed. Notes A server must be installed into the Recovery Solution Cluster. Users must authenticate using a domain account. This option is available only if the program files for the server are installed on a drive formatted with the NTFS file system. If the server is already installed but the Web-based Setup wizard is not available (because IIS was not on the server at the time of installation), you can install IIS on the server, then “upgrade” the Recovery Server. Setup then configures the Web-based Setup wizard using IIS. You will not lose any data as long as you click the Upgrade option. To successfully install Recovery Agent from the Web-based Setup wizard, users must be running Microsoft Internet Explorer 5.0 or later. If a user is running a version of Internet Explorer older than 5.0, a browser script error will appear when the Web-based Setup wizard is accessed. 64-bit Recovery Agent installation is not available through the Web-Based Setup Wizard. Recovery Solution Reference Guide 53 To install the Recovery Agent using the Setup Wizard 1. Direct users to the following URL: http://IP address/rsagent where IP address is the address of the Recovery Solution Cluster specified when you created the cluster (step 2 on page 36). You can also see the cluster address from the cluster configuration page > General tab > Cluster address: 2. Log in with domain credentials. 3. From the Welcome page, click Next and follow the wizard. 4. Select the mode that you want the Recovery Agent to run in: Install the agent in Server-based mode (go to step 5) Install the agent in Local mode (go to step 6) Install the agent in Mixed mode (go to step 7) For information on the different modes, see Recovery Solution Product Overview on page 13. 5. To install the agent in server-based mode, select the Server-based mode checkbox. 6. To install the agent in local mode, complete the following tasks: a. Select the Local mode checkbox. b. (Optional) Select the Create a partition to store your files automatically checkbox. c. Specify the drive and size of the Altiris Partition. 7. To install the agent in mixed mode, complete both steps 5 and 6. 8. (Optional) Select additional setup options: 9. a. After the agent is installed, the computer must be rebooted. You can specify whether or not to be prompted for the reboot. b. You can skip the initial default snapshot. To continue, click Next. 10. Select the account type: If you are creating a Recovery Solution account for the first time, click Create New Account. If you are using an existing Recovery Solution account, click Re-Install Existing Account. 11. To install the agent and create a new account, do the following tasks: a. To download the wizard, click Install. b. Click Open or Run, not Save. Note After clicking Install, a Microsoft security warning may appear warning that the publisher could not be verified. Continue by clicking Run or Yes to download the AgentSetup.exe. Note that on Windows XP SP2, an additional warning might appear about the cab file. Continue by clicking Install. Recovery Solution Reference Guide 54 The wizard installs the agent. c. After the agent is installed, click Finish to exit the wizard. To complete the installation, you must restart the computer. d. To restart the computer, click Yes. After, the computer has restarted, the Altiris Recovery Agent Registration page opens. e. To create a new account, enter an account login name and password. f. Enter a description of the computer. g. Click Register. The account is created as a Protected User and is associated to the protected computer. 12. To install the agent using an existing account, do the following tasks: a. Select the account login name of the account you want to re-install from the drop-down list. b. Enter the password for the account. c. Click Next. d. To download the wizard, click Install. e. To start the wizard, click Open or Run. The wizard installs the agent. f. When the agent is installed, click Finish to exit the wizard. To complete the installation, you must restart the computer. g. To restart the computer, click Yes. Unattended Recovery Agent Installation You can use AgentSetup.exe to install the Recovery Agent. AgentSetup.exe is available to users through the following network share: \\<Recovery Server name>\agent Example: you can distribute a batch file through e-mail, CD-ROM, or a network share called AgentSetup.exe. You can also use command-line parameters for other installation options. The possible command-line parameters are explained in Recovery Agent Setup Command-Line Switches on page 69. Notes If you are using a load-balanced cluster, unattended Recovery Agent installation from the network share may be unavailable, depending on your load balancer configuration. In this case, you can perform either ‘Push’ or ‘Pull’ Agent installation. Recovery Agent installation does not require user logon and can be performed silently if Recovery Solution Reference Guide 55 Recovery Agent setup was launched with the correct command-line parameters. For details, see Recovery Agent Setup Command-Line Switches on page 69. 64-bit Recovery Agent installation package is not available from the default Recovery Server network share. Registering the Recovery Agent in Server-based Mode This sections provides information that is provided to users in the Recovery Solution User’s Guide. If you install the Recovery Agent in server-based mode, you will need to register an account on the Recovery Solution Server. Caution If you specify [/User:<username>] [/Domain:<domain>] [/Pass:<password>] command-line switches and proper parameters during Recovery Agent setup, account registration will be performed silently, without requiring additional user input. You can modify the default Recovery Agent Setup policy to use these command-line switches if you want the Agent registration to be performed silently upon policy execution. You must make sure that “User account should change password on next logon” option is not enabled for a user account prior to registering the account, otherwise the account registration will fail. The user account password must not be longer than 14 characters. Otherwise, the registration will fail to complete. After Recovery Solution is installed, the agent files are copied onto the computer. A default account is created on the server to provide basic protection. Note On Windows XP and Windows 2003 client computers without a service pack, the Internet Sharing Configuration dialog box will appear upon Altiris Recovery Agent service startup asking to give the C:\Program Files\Altiris\Recovery Soluiton Agent\AeXRSAgt.exe permission to edit Internet Connection Protection settings. Check Do not show this dialog again and then click Yes in the dialog to let the Recovery Agent service modify the Windows Firewall exceptions. The Recovery Agent Registration dialog box is displayed to register an account on the Recovery Solution Server. When an account is registered on the server, the Recovery Agent Options dialog box is available. The administrator may have performed an “unattended” installation and registration. If that was successful, you will simply see a confirmation message. This topic explains registering an account under the following scenarios: z Creating and Registering a New Account (page 57) z Reinstalling the Recovery Agent using an Existing Account (page 57) z Changing the Server or Installation Type (page 58) z Installing the Recovery Agent but the Server is not Available (page 59) z Canceling the Registration Process (page 59) Recovery Solution Reference Guide 56 Creating and Registering a New Account To back up files to a Recovery Solution Server, you must have an account on the server. Recovery Solution uses Windows Active Directory domain services to manage user accounts. If the currently logged-on user is a member of a group that is already configured as users of the Recovery Solution Server (Cluster), then the account is registered automatically and the registration dialog will not appear. Otherwise, you will need to create a new account. To register a new account using a domain account You can register an account on the Recovery Solution Server using your domain credentials. If you are currently logged on, the domain user account will be used and no other information needs to be provided. All you need to do is click Register. Notes The Recovery Solution Server name is displayed by default. Do not change the server name unless you have been specifically instructed to do so. If you specify [/User:<username>] [/Domain:<domain>] [/Pass:<password>] command-line switches and proper parameters during Recovery Agent setup, account registration will be performed silently, without requiring additional user input even if the currently logged on user is not an authorized Recovery Solution user, or even without logging on to the protected computer. Reinstalling the Recovery Agent using an Existing Account You may have a need to reinstall the Recovery Agent but use an existing account. To register the computer using an existing account, you must be able to provide the password for the account. To reinstall the Recovery Agent using an existing domain account 1. Access the Web-Based Agent Setup Wizard page on the Recovery Solution Server through a Web browser and click Next. 2. If the “Installation Type” is not listed as “Reinstall existing account”, click Change, and select Reinstall existing account (see Changing the Server or Installation Type on page 58). 3. In Select Account, select your account from the list. 4. In Select Computer, select your computer. 5. (Optional) Enter additional information that may be helpful in Computer Description. 6. Click Register. If the account is not a member of the Altiris Recovery Solution users group, you will be prompted for your password. Recovery Solution Reference Guide 57 Notes You can also reinstall Recovery Agent from the network share \\server\agent, where server is the name or IP address of the Recovery Solution Server computer, using the following command: AgentSetup.exe /reinstall /comp:<reinstalled computer name> [/user:<user name of the reinstalled account> /pass:<password> /domain:<domain>] For more information on other AgentSetup.exe command line switches, run “AgentSetup.exe /?” at command line prompt. Tip You can reinstall any Recovery Agent computer account with a user account from the Altiris Administrators group by executing the following command: AgentSetup.exe /Reinstall /User:<Altiris Admin account> /Xpass:<encrypted Altiris Admin password> /Domain:<user domain> /Comp:<reinstalled computer name> If the /Comp parameter is empty, the current computer name will be used. An encrypted password provided through the /Xpass parameter can be created using the XPassUtility available from the Altiris Support Services. Changing the Server or Installation Type When the Recovery Agent is installed on a computer, a default account for that computer is created on the Recovery Solution Server so that the computer is protected as soon as possible. If you change the Recovery Solution Server or the installation type in the Recovery Agent Registration dialog box, you will be prompted with a warning that the default account will be deleted. The default account is deleted to avoid having unused accounts. You are prompted whether or not you want to proceed. Caution If you confirm to delete the default account, the account will be deleted whether or not you complete the registration process. If you have any questions, contact your Recovery Solution Administrator. To change Recovery Solution Servers, enter the name or IP address of the new Recovery Solution Server. The Recovery Agent will then attempt to connect to the new server so that you can complete registration. To change the installation type, select whether to install a new account or reinstall an existing account. Recovery Solution Reference Guide 58 Installing the Recovery Agent but the Server is not Available If the client computer cannot communicate with the Recovery Solution Server, the Recovery Agent Registration dialog box will appear with the message that the specified server is not available. If this happens, contact your Recovery Solution administrator. After the server is available, you can click Register to reconnect to the server. If instructed to do so, you can change the Recovery Solution Server that you are registering to. To change the server, click Change in the Registration dialog box and select a new server, and then click Register. Caution If the default account was created on the first server, you will get a warning that the default account will be deleted. For more information, see Changing the Server or Installation Type on page 58 or contact your Recovery Solution administrator for assistance. Canceling the Registration Process If you cancel the registration process, a registration dialog will appear with one of two messages: z If a default account was created on the server, the computer will be protected, but the Recovery Agent Options dialog box will not be accessible until registration is completed. z If a default account was not created on the server, your computer is not protected until registration is completed. The default account may not be created if there is a connection problem with the server, if there is insufficient information about the computer, and so on. We recommend that you complete registration as soon as possible. If you have any questions, contact your Recovery Solution administrator. Recovery Agent Reinstallation and Repair It might sometimes be necessary to reinstall Recovery Agent on a protected computer, either after certain types of data recovery or because the software is simply not working properly. Reinstallation The user of a protected computer who originally installed the Recovery Agent or users who have used the Recovery Agent after it was installed can reinstall with that computer’s account. Note To prevent potential conflicts, reinstallation should only be performed with an account that has been uninstalled or that exists on a computer that can no longer run its installation of Recovery Solution. To reinstall from an installation package, you or the user can use the Web-based agent setup or specify command-line parameters for the Setup executable, “AgentSetup.exe.” Recovery Solution Reference Guide 59 For more information, see Interactive Web-Based Agent Setup Wizard (‘Pull’ Installation) on page 53 or Recovery Agent Setup Command-Line Switches on page 69. Repair An agent repair might be required if some agent files are missing on the client computer. A repair does not change any settings, but just recopies agent files. It can be performed either from the command line - \reinstall parameter or using RS Agent Reinstall Rollout policy. For more information, see Using Recovery Agent Rollout Policies on page 67 or Recovery Agent Setup Command-Line Switches on page 69. Installing the Recovery Agent in Local Mode When you install the Recovery Agent in local mode, snapshots are backed up on a special partition on the local computer’s hard drive and not on the Recovery Solution Server. This special partition is called the Altiris Partition. Caution If you are using Deployment Solution, before you install the Recovery Agent in local mode, please read Important Issues with Using the Recovery Agent and BootWorks Partitions on page 34. If you are going to install the Recovery Agent in local mode, you will perform the following tasks: z Distribute Local Mode Prerequisite Package (page 61) z Install the Recovery Agent Software (page 62) z Create a Partition to Store Your Files In (page 63) z Perform the First Snapshot (page 64) The first snapshot is taken in two different phases. The first phase is done in Linux using Altiris RapiDeploy®. This creates a snapshot of the entire file system. In the event that your Windows operating system becomes unusable, you can restore the file system from the snapshot. The second phase is done in Windows. This makes all the files recoverable from within Windows. Caution The Altiris Partition requires contiguous free space on the drive. For best results, run a disk defragmentation utility on the drive before installing. If the drive does not have enough contiguous free space, you will get an error stating “Altiris Recovery Agent failed to create initial image of the system.” For more information, see Troubleshooting: Problems Installing the Local Partition (page 228) An Altiris Partition cannot be created on a computer that has the entire drive compressed. Individual files can be compressed without causing a problem. If the entire drive is compressed, compression will need to be temporarily turned off. To check if a drive is compressed, in Windows Explorer, right-click on the drive (Local Disk C:), and make sure the Compress drive to save disk space checkbox is cleared. Recovery Solution Reference Guide 60 Notes Because this first snapshot is backing up all files, this will take several minutes. All subsequent snapshots are taken while running Windows. These snapshots will backup files that are new or changed, making the snapshots much faster. Windows allows you to set Compression and Encryption attributes to drives, folders, and files. Recovery Solution can back up and restore compressed and encrypted files. However, the initial snapshot performed in Linux and subsequent snapshots performed in Windows handle compressed and encrypted files differently. As a result, files that are compressed or encrypted before the Recovery Agent is installed will be backed up twice. If you have many compressed or encrypted files, this will take double the space to store snapshots of those files. We recommend that you turn compression and encryption off (or limit it to a small number of files) before you install the Recovery Agent. After the Recovery Agent is installed and the first snapshot is taken, you can turn compression and encryption on, and the Recovery Agent will make only one backup of those files. Distribute Local Mode Prerequisite Package The Recovery Agent Local Mode Prerequisite Package file (alrfileXXXX.frm, where XXXX is the package build number) contains the Recovery Agent Partition component that is required for running the Local Recovery Agent. The package must be distributed to clients prior to running the Altiris Local Recovery Agent setup. New builds of Local Mode Prerequisite Package can be provided by Altiris to enable Local Recovery support newer hardware. Whenever a new build is available, if needed, you can update your clients with the new package by reapplying the RS Agent Local Mode Prerequisite Package Install policy (see If you use the rollout policies for “Push” installation on page 61), or manually specifying the location path during Local Recovery Agent setup or using the /RSLMPPackagePath command-line parameter (see If you install Recovery Agent from a network share or locally on page 62). The Local Mode Prerequisite Package file is downloaded from http:// www.solutionsam.com/imports/6_2/recovery into “install path\Altiris\Notification Server\NSCap\Bin\Win32\X86\Recovery Agent Local Mode Prerequisite Package” folder on the Notification Server computer during the solution setup. In case the package was not downloaded properly (because of connectivity problems for example), enabling the RS Agent Local Mode Prerequisite Package Install policy in the Altiris Console can fail. In this case you can manually copy the package from and to the locations specified above. Caution All silent Local Recovery Agent installations and upgrades will fail unless the Recovery Agent Local Mode Prerequisite Package is distributed to client computers. The package can be distributed to clients in the following ways. If you use the rollout policies for “Push” installation For automatic rollout of package to client client during “Push” installation, you must use the RS Agent Local Mode Prerequisite Package Install policy in the Altiris Console > Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Rollout. For details, see Using Recovery Agent Rollout Policies on page 67. Recovery Solution Reference Guide 61 Notes You must enable the RS Agent Local Mode Prerequisite Package Install policy before you can enable other local-mode install policies. You must enable the RS Agent Local Mode Prerequisite Package Install policy before you can set the Enable Local Recovery Agent option (see the Configure User’s Rights and Permissions on page 92) in the Default Recovery Agent Settings policy. After the policy runs on client computers, the default package location is C:\Program Files\Altiris\Setup Files\Recovery Agent Local Mode Prerequisite Package. To reapply the RS Agent Local Mode Prerequisite Package Install policy on client computers that have already run the policy, click the Update button on the policy page. Clicking this button recreates the instance of the policy and enables the recurring rollout of a Local Mode Prerequisite package when, for example, a newer version of the package is available. If you use the Web-based Setup Wizard When you install the Recovery Agent using the Web-based Setup Wizard, the package will be downloaded from http://www.solutionsam.com/imports/6_2/recovery by default. In case Recovery Agent Setup cannot connect to the default location or find the package in the specified folder, Altiris Recovery Agent Setup will pause asking you to specify a URL, a network path, or a local folder where the file can be found by the Agent Setup. Note The package can be manually copied by a user to C:\Program Files\Altiris folder on a client computer. After that, no prompt for download will appear during Recovery Agent installation even if the package cannot be downloaded from the web. If you install Recovery Agent from a network share or locally If you manually install Recovery Agent by running the Recovery Agent setup executable from a network share or locally, you can place the package file in a non-default location and modify the default package location path by using the Recovery Agent Setup command-line parameter: /RSLMPPackagePath:<pathname>. For details, see Recovery Agent Setup Command-Line Switches on page 69. Install the Recovery Agent Software There are two ways to install the Recovery Agent software: z Using a Distribution Package z Using Notification Server Policies (see Using Recovery Agent Rollout Policies on page 67) To install the Recovery Agent using a distribution package Depending on the version you have purchased, the Recovery Agent is available in two different package files: z The standard Recovery Agent installation file is AeXRSLocalAgent.exe. z The Recovery Agent installation file for Local Recovery Pro is AeXLRPLocalAgent.exe. Recovery Solution Reference Guide 62 1. Locate the Recovery Agent distribution package. a. If you have already installed Recovery Solution on your Notification Server, the standard distribution file can be located in the following folder: C:\Program Files\Altiris\Notification Server\NSCap\Install\Recovery Server\Agent b. If you purchased Local Recovery Pro, copy and then open the package file on your Notification Server. This extracts and copies the setup files to the following folder: C:\Program Files\Altiris\Notification Server\NSCap\Install\Recovery Server\Agent It is intended that you will extract these files on your Notification Server. After the setup files are extracted, you can then distribute the actual setup file to any computer you want to install the Recovery Agent on. If you do not have a Notification Server, you can extract the files onto any computer. 2. Distribute the installation file to the computers you want to install the Recovery Agent on. You can distribute the file using e-mail, a network share, CD, and so on. 3. On the computer you want to install the Recovery Agent on, run the Recovery Agent installation file. The installation wizard runs and installs the agent program files. Note In case the Local Mode Prerequisite Package cannot be found in the default location or downloaded from http://www.solutionsam.com/imports/6_2/recovery during setup, the installation process will pause asking you to specify a URL, a network path or a local folder where the package file can be found. Click Rescan to rescan the possible locations again, or click Browse to locate the file and then click Next to proceed with installation. Click Finish. For information, see Distribute Local Mode Prerequisite Package on page 61. 4. Restart the computer. 5. The computer is restarted, a file system check is performed on the computer, the computer is restarted again, and the Recovery Agent Partition Wizard is loaded. Create a Partition to Store Your Files In The Recovery Agent Partition Wizard guides you through the process of creating the Altiris Recovery Partition that your snapshots will be stored in. The partition is a Linux-type partition created inside the existing Windows partition, hidden from the end user and protected against common Windows Disk Management utilities. The Altiris Partition can be created on any disk drive, including removable media such as a USB drive, which you can later use for recovery in case of system drive failure by booting from the drive where the Altiris Partition resides. Recovery Solution cannot change the size of the partition after it is created without removing and recreating the partition. You must either accept the default Recovery Solution Reference Guide 63 recommended or specify a new size when creating the partition. The following table helps you with the Altiris Partition sizing. Size Calculation The recommended size of the Altiris Recovery Partition ~40% of the total system hard disk drive The maximum size of the Altiris Recovery Partition placed on the system drive 45% of the total system volume size The maximum size of the Altiris Recovery Partition placed on a non-system drive (additional or external drive) formatted with NTFS 49% of the total volume size The maximum size of the Altiris Recovery Partition placed on a non-system drive (additional or external drive) formatted with FAT32 100% of the total volume size The minimum size of the Altiris Partition 70% of the space used on the system drive + 100MB (reserved for operations with the partition) To create a partition 1. From the Recovery Agent Partition Wizard introduction page, click Next. 2. Select the existing partition that you want to create the Altiris Recovery Partition on. You can use any supported hard disk drive on the computer. For a list of supported hard disk drives, see Hard Disk Support on page 297. 3. Set the size of the partition. Recovery Solution determines the size of the hard drive, and by default sets the partition size to 40% of the total drive space. To change the default partition size, a. Click Change. b. Set the size of the partition by either entering a value in Megabytes or a percentage of the hard disk. c. Click OK. 4. Click Next. 5. To complete the installation and start the first snapshot, click Finish. 6. After the files have been installed, click Yes to restart the computer. Perform the First Snapshot After creating the Altiris Recovery Partition, the computer restarts and is started in Linux. Altiris RapiDeploy is run to create the first phase of the first snapshot. This is called the golden image. Because all files are read and backed up on the same drive, this will take several minutes. On a computer with a lot of data, this snapshot can take up to an hour. If the computer has only an operating system installed and little data, it can take 20-30 minutes. Recovery Solution Reference Guide 64 When the first phase is completed, the computer will be restarted. You will be prompted to perform the second phase of the snapshot. This will make the files in your snapshot available for recovery through Windows. When the snapshot is completed, all the files on the computer are protected in a snapshot. Installing the Recovery Agent in Mixed Mode In mixed mode, Recovery Agent can be configured to back up files to both a local Altiris Partition and a Recovery Solution Server. Both modes are configured and function independently. When using mixed mode, and when a user opens the Recovery Agent Options, the user must select whether to configure options for server-based or local mode. How you install Recovery Agent in mixed mode is based on the following conditions: z If the Recovery Agent is not installed in any mode z If the Recovery Agent is already installed in server-based mode z If the Recovery Agent is already installed in local mode If the Recovery Agent is not installed in any mode If the Recovery Agent is not installed in any mode, you can do the following: Use the Interactive Web-Based Agent Setup Wizard (‘Pull’ Installation) (page 53) and select the Mixed mode. Use AgentSetup.exe with /local parameter (see Recovery Agent Setup Command-Line Switches on page 69). Use any other method for installing in server-based mode, then follow the instructions in If the Recovery Agent is already installed in server-based mode (page 65). If the Recovery Agent is already installed in server-based mode If the computer was configured in server-based mode first, do the following: 1. On the local computer, open the Recovery Agent Options. 2. Click the General tab. 3. Click Create to create a local Altiris Partition. The right to do this is disabled by default. To enable this right, see Enable Local Recovery Agent (server-based mode) on page 93. 4. Complete the Recovery Agent Partition Wizard. If the Recovery Agent is already installed in local mode If the computer was configured in local mode first, you can simply use any method to deploy the Recovery Agent in server-based mode. This will maintain local mode settings and files. Recovery Solution Reference Guide 65 Caution If you are using Deployment Solution, before you install the Recovery Agent in mixed mode, please read Important Issues with Using the Recovery Agent and BootWorks Partitions on page 34. Installing Recovery Agent Using an Image You can easily deploy the Recovery Agent to multiple computers (with similar hardware configurations) using an image. This is especially useful if you want to pre-install the Recovery Agent in local mode on several new computers. The following procedure describes the general steps in using an image to pre-install the Recovery Agent. 1. 2. Configure a baseline computer by doing the following: a. Install and configure the operating system. b. Install and configure the applications that you want the computers to have in common. c. Install the Recovery Agent in local mode with the desired partition size. d. Take the first snapshot. Make an image of the baseline computer. Caution Because the Recovery Agent uses Altiris RapiDeploy® create the Altiris Partition, you must use RapiDeploy to image the computer and maintain the Altiris Partition. 3. Place the image on the target computers. Upgrading Recovery Agent If the Recovery Solution Server is upgraded, you can use the RS Agent Upgrade rollout policy to upgrade the Recovery Agent on each protected computer. Until the upgrade occurs, the computer is displayed with an exclamation mark icon in the console, indicating that its software version is older than the version on the server. Warning Starting with Recovery Solution 6.2 SP2, Microsoft Windows 95, 98 (original release), ME, and NT 4.0 operating systems are no longer supported. You cannot upgrade the Recovery Agent on these platforms. During the upgrade, Recovery Solution creates a text file named AexCRAS.LOG in the program folder on the protected computer. You can look here for information about the status of the upgrade. If there are problems with the automatic upgrade, see Troubleshooting User Installations on page 208. Notes After the Recovery Agent has been upgraded on a client computer, previous snapshots are not shown in the Rollback dialog in the Altiris Console unless you select the Show Recovery Solution Reference Guide 66 critical snapshots and snapshots from previous RS Agent installations checkbox. This will not display previous snapshots on the client's Rollback dialog. For more information, see Perform a Rollback on page 122. If the user logged onto the protected computer at the time of the automatic upgrade is not the user who originally installed the software, then the user sees a prompt asking for new credentials. If the logged-on user has never manually accessed the existing installation of Recovery Solution, then the account is added as a new user of the computer’s account. If the automatic upgrade of a Windows 2000/XP protected computer is interrupted (Example: if the computer is restarted during the upgrade), the software is unable to repair itself. If this happens, the user should reinstall Recovery Agent using the computer’s existing account. If Recovery Solutions Agent Install policy was enabled with schedule set to ASAP, then this policy becomes a run-once policy. After it is executed it will never be executed again in the future, even if policy is upgraded (or a package that this policy refers to). If an Upgrade does not happen try to schedule this policy to execute at a certain date/time, or to change its type to Manual and then run the policy manually. See also: Using Recovery Agent Rollout Policies on page 67. Using Recovery Agent Rollout Policies Using Notification Server polices, you can roll out (push) the Recovery Agent to computers on your network. You can install the Recovery Agent in server-based mode or local mode. You can also use policies to reinstall, upgrade, and uninstall the Recovery Agent. To use rollout polices, the target computers must be discovered and have the Altiris Agent installed. It is helpful to have a working knowledge of policies, packages, programs, and collections. For information on installing the Altiris Agent and configuring policies, see the Altiris Notification Server Help. Recovery Solution includes the following predefined policies for Recovery Agent rollout: RS Agent Local Mode Prerequisite Package Install Installs the Recovery Solution Agent Local Mode Prerequisite Package. RS Agent Install Installs the Recovery Agent and creates an account to back up files to a Recovery Solution Server. RS Agent Install in Local Mode Installs the agent and creates a local Altiris Recovery Partition to back up files locally. Note You must enable the RS Agent Local Mode Prerequisite Package Install policy before this policy can be enabled Recovery Solution Reference Guide 67 RS Agent Promotion If Local Recovery is installed on the client computer, you can promote it to Local Recovery Pro version with more functionality or mixed mode depending on the solution you have. Note You must enable the RS Agent Local Mode Prerequisite Package Install policy before this policy can be enabled. RS Agent Reinstall Reinstalls the Recovery Agent to perform a repair. RS Agent Uninstall Removes the Recovery Agent from the protected computer. RS Agent Upgrade Upgrades older versions of the Recovery Agent to the current version. Note You must enable the RS Agent Local Mode Prerequisite Package Install policy before this policy can be enabled. Each policy uses the Recovery Agent setup executable (AgentSetup.exe) with various command-line switches. AgentSetup.exe is located in the following folder on Notification Server computer: install path\Altiris\Notification Server\NSCap\Bin\Win32\X86\Recovery Agent Package By default, a Recovery Agent Rollout policy is configured to restart computers after it runs if no user is logged on. Otherwise, the logged-on user will be prompted to restart the computer manually, or restart will be performed automatically after an interval. Note You must install at least one Recovery Server before you can push the Recovery Agent installations. To use Recovery Agent Rollout policies 1. From the Altiris Console, click the Configuration tab. 2. In the left pane, click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Rollout. 3. Click the policy you want to use. 4. In the right pane, enable the policy. Caution RS Agent Local Mode Prerequisite Package Install policy must be enabled before other local-mode install policies (RS Agent Install in Local mode, RS Agent Promotion) can be enabled. 5. Verify the program name for the task you want to perform. 6. (Optional) Enable status events. 7. (For installation in server-based mode) Select the Recovery Solution Cluster that this computer will be protected on. 8. To have the client computer automatically restarted as part of the task, select the Reboot computers checkbox. Recovery Solution Reference Guide 68 Notes The users logged on the client computers will be shown the default computer restart prompt dialog that contains the countdown timer. If the user neither clicks Snooze nor Restart, the computer will be restarted automatically in 60 seconds. If no user is logged on at the target computer, the reboot will be performed automatically. The default reboot prompt will be shown or automatic reboot will be performed even if Recovery Agent rollout fails, if the Reboot computers checkbox was selected. 9. (For installation in server-based mode) To have the client computer installed but disabled, select the Disable computers by default checkbox. 10. (For installation in server-based mode) To have the client computer installed but skip the initial snapshot, select the Disable initial snapshot checkbox. 11. (For uninstall) To have the account deleted, click the Delete account from Recovery Solution cluster checkbox. All data backed up from the deleted account will be removed during the next space management job. 12. Select the collection that the policy will use. This is the group of computers the policy will be run on. 13. Select the policy scheduling options. For more information on configuring policies, see the Altiris Notification Server Help. 14. Click Apply. To check the Recovery Agent Rollout policy status A rollout policy returns the status code as it runs. You can check the Recovery Agent rollout status using the standard Notification Server report (Reports > Notification Server Infrastructure > Agent > Altiris Agent Tasks Status) Recovery Agent Setup Command-Line Switches You can use command-line switches to automate installation, reinstallation, uninstall, upgrade, and repair of the Recovery Agent. For SMS deployment, the required switches must be specified when the SMS package is created. For interactive deployment, switches can be specified in a batch file or by the user performing the installation. Caution /Reboot command-line switch is required for unattended Recovery Agent installation in all modes. /Silent switch option causes Agent setup progress dialog to be hidden from a user. For silent registration upon Recovery Agent installation in server-based mode, you must specify valid /User, /Domain, and /Pass command-line parameter values. For silent installation in local mode, you must correctly specify /BWPart and /BWVolume parameters that cause automatic creation of Local Recovery partition. Recovery Solution Reference Guide 69 The following are examples of syntax (with possible parameters) for using commandline switches: New Installation agentsetup.exe [/Local] [/Server:<server name>[;http|https][;port number]] [/User:<username>] [/Domain:<domain>] [/Pass[:<password>] [/BWPart:<partition_size>] [/BWVolume:<volume>] [/RSLMPPackagePath:<pathname>][/Reboot] [/Silent] [/Disable] [/InitialSnapshot] Reinstallation agentsetup.exe /Reinstall [/Comp:<computer>] [/User:<username>] [/Domain:<domain>] [/Pass[:<password>]] [/ID:<computer ID>] [/Server:<server name>[;http|https][;port number]] [/Reboot] [/Silent] Support SMS during installation agentsetup.exe /SMS [/MIF:<mif file(no extension)>][/Reboot] [/Silent] Uninstall agentsetup.exe /Uninstall [/Delaccount] [/Reboot] [/Silent] Upgrade initiation agentsetup.exe /Upgrade [/Reboot] [/Silent] Repair installation agentsetup.exe /Reinstall [/Reboot] [/Silent] Local Agent installation agentsetup.exe /LocalOnly [/BWPart:<partition_size>] [/BWVolume:<volume>][/RSLMPPackagePath:<pathname>] [/Reboot] [/Silent] The command-line parameters are described below. Recovery Solution Reference Guide 70 Notes Command-line parameters are not case-sensitive, but any passwords specified are casesensitive. Unless the /Server parameter is specified, all protected user accounts are created on the server from which the setup package was made. Parameter Description /User /Domain Specify the username, domain, and password of the user account for which Agent registration will be performed. /Pass If you supply valid credentials, Agent registration will be performed silently. /BWPart Default Value Create a partition for “Local Snapshot” with the specified size. Example: /BWPart:10000 - to specify size in MB or /BWPart:80% - to specify the size as the percentage of the overall space. All invalid sizes will be skipped and the default behavior will be used. /BWVolume Create a partition for “Local Snapshot” on specified volume where <volume> is drive letter (Example: /BWVolume:D). / RSLMPPack agePath Specify the full pathname of the Local Mode Prerequisite Package file (URL, UNC, or local path) placed in a non-default location. Note that the path cannot contain Unicode characters. (Example: / RSLMPPackagePath:\\server\share\alrfileXXXX.frm) / Delaccoun t Deletes account from server in uninstall case (for server-based agent only). /Disable Disables account for protected user (for server-based agent only). / InitialSn apshot Determines whether to perform an initial snapshot: /Local Install Agent in Mixed mode Recovery Solution Reference Guide 0 - Do not show initial snapshot dialog 1- Show initial snapshot dialog 71 Parameter Description / LocalOnly Installs Agent in “Local Snapshot” mode only /MIF:.MIF file Specifies a Management Information Format (.MIF) file for use with SMS deployments. No default value. Do not include the .MIF file extension. Not required. If not specified, no .MIF file is used. Specifies that Setup should automatically restart the computer after the installation is complete. No default value. Not required. If not specified, the user is prompted to restart the computer. Specifies that this is a reinstallation of the software. No default value. /Reboot / Reinstall Required only to continue using an existing account. This ensures that the user continues to have access to existing protected data on the server. /Server: server; http(s);p ort Not required. The name of the server that stores this protected computer’s account for Recovery Solution. This can be the Windows name, the full Internet DNS name, or the IP address of the server. You might have to specify the IP address if the server is on a different subnet from the protected computer. Optionally, you can specify the protocol to be used during Recovery Agent registration (HTTP or HTTPS) and the port number. /Silent Performs a silent installation of Recovery Agent. Note If you do not include the /Reboot parameter, the user must reboot the computer before Recovery Agent becomes functional. Not required. Recovery Solution Reference Guide Default Value If not specified, a new installation is performed. The default name is the name of the server from which the Setup package was created. The default protocol is DCOM. No default value. If not specified, the installation is interactive. 72 Parameter Description Default Value /SMS Specifies that Setup is being distributed through Microsoft Systems Management Server (SMS). No default value. Required only for distribution through Microsoft SMS. If not specified, the Setup package is not configured for SMS. / Uninstall Perform an account uninstall. /Upgrade Initiates a Client Auto Update. Uninstalling the Recovery Agent You can uninstall the Recovery Agent from a protected computer in one of the two following ways: z Using Windows Add/Remove Programs (page 73) z Using Recovery Agent Policies to Uninstall the Recovery Agent Remotely (page 74) Using Windows Add/Remove Programs To uninstall the Recovery Agent and/or Local Recovery (Pro) from a protected computer 1. On the protected computer, click Start > Settings > Control Panel > Add/ Remove Programs. 2. On the Install/Uninstall tab, scroll down and select Altiris Recovery Solution Agent and/or Altiris Local Recovery (Pro). 3. Click Remove. Caution This will uninstall the program files and the recovery partition, including all backed up files. 4. The following screen lets you uninstall Recovery Agent either removing (default) or leaving account on the server. To remove account you should enter credentials of a user that installed this account or used it later. In case of a mixed mode agent you can choose to uninstall Local Recovery Agent, Server-based Recovery Solution Agent or both. Recovery Solution Reference Guide 73 Notes These options are applicable only to the uninstallation of the server-based Recovery Agent. This screen does not appear in case Recovery Server not available at the time of uninstall. Using Recovery Agent Policies to Uninstall the Recovery Agent Remotely You can use Recovery Agent policies to uninstall the Recovery Agent remotely. This allows you to uninstall the agent from multiple computers at one time. For more information, see Using Recovery Agent Rollout Policies on page 67. Recovery Solution Reference Guide 74 Chapter 5 Configuring Recovery Solution This section contains information about configuring Recovery Solution. This chapter provides information about the following topics: z Configuring Recovery Agent Settings (page 75) z Recovery Solution Cluster Configuration (page 96) z Recovery Solution Security Role Management (page 110) z General Settings (page 97) z Scan for applied critical patches and Software Delivery tasks (page 113) z Manage Lost Recovery Solution Agents (page 113) Configuring Recovery Agent Settings You can configure the default settings for the Recovery Agent that is running in either server-based mode or local mode on protected computers. Default Recovery Agent settings are managed through configuration policies that will apply to all computers in the collections you specify. For more information about changing and setting up custom collections, see the Notification Server help. When the Recovery Agent is installed on a computer, the default settings will be used on the protected computer. If you change the default settings, the new default settings will be applied to all existing computers in the collections you specify. You can configure multiple configuration policies that can be applied to different computers. For each configuration policy, you can modify the settings and apply it to different collections. For more information, see Creating Configuration Policies on page 75. Rather than modifying the existing Default Recovery Agent Settings policy, we recommend that you create new configuration policies by cloning the existing policy and modifying the copy of the policy. The following topics describe how to clone policies and then configure default agent settings. z Creating Configuration Policies (page 75) z Configuring Default Agent Settings (page 77) Creating Configuration Policies Caution The following is a “best practice” for handling multiple configuration policies. By default, there is one Default Recovery Agent Settings policy for protected computers running in server-based mode and one Default Local Recovery Agent Settings policy for protected computers running local mode. Rather than modifying the existing default Recovery Solution Reference Guide 75 Recovery Agent settings policy, we recommend that you create new configuration policies by cloning the existing policy and modifying the copy of the policy. Any settings changed within the original policy will change all other settings in cloned policies following the rules of inheritance. As a result, we strongly recommend working with multiple policies in the following way: z Disable the Default Recovery Agent Settings (page 76) z Clone the Default Recovery Agent Policy (page 76) z Configure a Copy of Default Local Recovery Agent Settings (page 76) Disable the Default Recovery Agent Settings 1. From the Altiris Console, click the Configuration tab, then click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings. 2. Click on the policy named either Default Recovery Agent Settings or Default Local Recovery Agent Settings. 3. Click the Snapshot tab. 4. Under Policy Settings, clear the Enable checkbox. 5. Click Apply. Clone the Default Recovery Agent Policy 1. Click the Configuration tab, then click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings. 2. Right-click on a policy. Example: Default Local Recovery Agent Settings. 3. Click Clone. 4. Click Ok. This will create a policy called Copy of Default Local Recovery Agent Settings. You can rename this policy. Configure a Copy of Default Local Recovery Agent Settings For details, see Configuring Default Agent Settings on page 77. Creating additional policies When creating additional policies, either clone Default Recovery Agent Settings (which is your default policy) or clone your new created policy. Example: accounting department policy. If you do clone your newly created policy, all rules of inheritance will be applied and should be done with caution. Using Inherited Default Agent Settings Recovery Solution supports multiple generation inheritance. Grand parent properties are passed to the parent which are passed to the child unless the inheritance tree is broken. The Default Recovery Agent Settings is a policy group that the following inheritance trees: z Snapshot z Excludes Recovery Solution Reference Guide 76 z Rollback Data z Space Management z Bandwidth Throttling Settings z Connection Management z Remote Access z User Rights z Miscellaneous Settings z Health Alerts Settings z Storage Space Limits z Communication Settings z Performance Settings z Storage Management z F11 Recovery Settings Two of these trees, Excludes and Rollback Data, can be appended to at each level of inheritance. At any level of inheritance of this policy group for each of these eleven trees you can turn off the inheritance and inheritances will be started new for that tree within that policy group. These new settings are inherited to its children and grand children. Any change to a policy group will in real time affect its children and grandchildren. Configuring Default Agent Settings To configure default Recovery Agent settings 1. From the Altiris Console, click the Configuration tab. 2. In the left pane, click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings. 3. Click the Recovery Agent Settings policy you want to configure. To configure the Local Recovery Agent settings, use the Default Local Recovery Agent Settings policy. To configure the server-based Recovery Agent settings, use the Default Recovery Agent Settings policy. Rather than modifying the existing Default Recovery Agent Settings policy directly, we recommend that you create new configuration policies by cloning the existing policy and modifying the copy of the policy. For more information, see Creating Configuration Policies (page 75). 4. Under Policy Settings, select the Enable checkbox (this will enable the policy). 5. Use the existing Notification Server collection or click the collection link to select a different or additional collections. 6. Configure the default settings. 7. Click Apply. The following topics describe the default settings that you can configure. Recovery Solution Reference Guide 77 Note The topic name defines whether it applies only to the Default Local Recovery Agent Settings policy (local mode only), server-based Default Recovery Agent Settings policy (server-based only), or both. z Configure Snapshot Settings (page 78) z Configure Excludes (page 81) z Configure Rollback Data (page 87) z Configure Space Management (page 88) z Configure Throttling and Connection (server-based only) (page 90) z Configure Remote Access (server-based only) (page 91) z Configure Performance (local mode only) (page 92) z Configure Storage Management (local mode only) (page 92) z Configure User’s Rights and Permissions (page 92) z Configure Miscellaneous Settings (page 94) Notes If you change the default Recovery Agent settings shortly after installing the agent on a client computer, the updated settings may not immediately get updated on the client computer. When the Recovery Agent is installed on a computer, it may take several minutes for the Notification Server to process all the database information about that computer. The time require depends on your settings (Example: see Automatic Collection Updating in Configuration > Server Settings > Notification Server Settings). After the Notification Server information is updated, then the new default settings will be applied the next time the agents settings are updated on the client computer. Configure Snapshot Settings Recovery Solution lets you schedule snapshots to ensure that they are being done on a regular basis. You can specify when to automatically take a snapshot. You can also specify what data you want to protect. By default, Recovery Solution protects all drives on all users’ computers. Tip You can use the enhanced exclude list to specify a partial snapshot that will capture only specific files or filetypes on your drive instead of having tons of other unnecessary files in the snapshot. For information, see Using Exceptions (page 82). By default, protected computers always inherit the default schedule for the collections. Default snapshots are scheduled Monday through Friday inclusive, between 7:00 a.m. and 7:00 p.m. Because of the advanced compression techniques used by Recovery Solution, there is usually little network traffic associated with a snapshot. But in some cases you might want to change the default schedule to better suit your time zone and network environment. Recovery Agent inherits the default schedule of the collections that the protected computer is a member of. For more information, see Using Inherited Default Agent Settings on page 76. Recovery Solution Reference Guide 78 To change the default schedule 1. Click the Snapshot tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. By default, the scheduled snapshots are enabled. To disable scheduled snapshots, clear the Enable Scheduled Snapshot checkbox. 4. Select the Snapshot type: Full system snapshot or Partial snapshot. We recommend that you keep Snapshot Type set to Full System Snapshot. Partial snapshots do not provide Full System Recovery protection. 5. Select the boxes next to the days of the week that you want snapshots to run. 6. In the Start Scheduled Snapshot, select the time range in which you want members of the collection snapshot to start. This is not necessarily when it will be completed by. In addition to scheduled time intervals, you can set up the following options. Allow Recovery Agent to initiate scheduled snapshot While this option is disabled (by default), Recovery Server initiates snapshots by sending TCP/IP packets on client’s 43189 port. This may not be acceptable in case client is behind a firewall. Select this box to initiate snapshots from the client side. Notes Scheduled snapshots initiated from the client may start with a short delay (up to 5 minutes). Client jobs started from the Altiris Console will work even in case 43189 port is closed. But the jobs (snapshot, restore, rollback) may be delayed up to 15 minutes. As soon as user turns on the computer Select this box to have Recovery Solution start the snapshot scheduled for each day as soon as the protected computer is turned on. It is not necessary for a user to log onto the computer for the snapshot to start, but the computer must already have a physical connection to the network. Note The snapshot will not start immediatelly after logon. It starts after a 12-minute timeout in local mode or after a 10-minute timeout in network mode. This option is generally useful for desktop computers connected to a LAN. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the snapshot scheduled for the previous day has not yet been reached. A snapshot is not started if its scheduled time has passed, even if one did not take place during the scheduled time period. A snapshot runs only once each day, no matter how many times the computer is turned on. Recovery Solution Reference Guide As soon as user resumed the computer 79 Select this box to have Recovery Solution start the snapshot scheduled for each day as soon as the protected computer is resumed (after having been suspended). Note The snapshot will not start immediatelly after resuming the computer. It starts after a 8-minute timeout in local mode or after a 6-minute timeout in network mode. This option is generally useful for laptop computers. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the snapshot scheduled for the previous day has not yet been reached. A snapshot is not started if its scheduled time has passed, even if one did not take place during the scheduled time period. A snapshot runs only once each day, no matter how many times the computer is suspended and resumed. As soon as user docks the computer Select this box to have Recovery Solution start the snapshot scheduled for each day as soon as the protected computer is docked. Note The snapshot will not start immediatelly after docking the computer. It starts after a 7-minute timeout in local mode or after a 5-minute timeout in network mode. This option is generally useful for laptop computers. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the snapshot scheduled for the previous day has not yet been reached. A snapshot is not started if its scheduled time has passed, even if one did not take place during the scheduled time period. A snapshot runs only once each day, no matter how many times the computer is docked. As soon as the computer idle state reaches Select this box to have Recovery Solution start the snapshot scheduled for each day as soon as the protected computer goes into an idle state. Specify the timeout (6 minutes in local mode or 4 minutes in network mode by default) in the field nearby. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the snapshot scheduled for the previous day has not yet been reached. A snapshot is not started if its scheduled time has passed, even if one did not take place during the scheduled time period. A snapshot runs only once each day, no matter how many times the computer goes into an idle state. 7. Miscellaneous Snapshot Settings Take snapshot when user is logging off Select this box to have Recovery Solution start a snapshot as soon as a user logs off, restarts, or shuts down the protected computer. At logoff time, the snapshot runs automatically after a short delay. Before it runs, the user has the chance to skip the snapshot. A snapshot will run again the next time a user logs off the computer. Recovery Solution Reference Guide 80 Note The Windows registry setting that controls the application timeout should be set to at least 20000 (the value in milliseconds) on the protected computer in order to ensure that snapshots have time to start before Windows completes the logoff process. The registry value is HKEY_CURRENT_USER\Control Panel\Desktop\HungAppTimeout, which is a string value that is configurable per user. Attempt to wake the Agent before a scheduled snapshot This option allows for computers that are sleeping (standby) to be woken up to have snapshots taken. This allows snapshots to be done after hours during low network usage times. This option is enabled by default and is configurable on the protected computer’s properties page. For Wake on LAN from standby to work properly, the NIC needs to support Wake on LAN and the Wake on LAN needs to be enabled in the NIC properties in MS Windows For Wake on LAN from hibernate\shutdown to work properly, the NIC and the motherboard should support Wake on LAN from shutdown\hibernate and Wake on LAN needs to be enabled in the BIOS. Note The protected computer is returned to standby when snapshot is completed. Backup mount points, junction points and other reparse points (not the data they reference) Select this box to allow backup of NTFS reparse points, which is a new capability added to NTFS version 5 with the release of Windows 2000. Backup of the following reparse points is supported by default: Symbolic Links Junction Points Volume Mount Points Remote Storage Server (RSS) Note Snapshot of reparse points allows you to restore only the reparse point objects, not the data they reference. If the referenced location or data is unavailable after restore, your reparse points may become non-functional 8. Click Apply. Configure Excludes Excluding Files From Snapshots You do not want users to waste valuable server disk space by protecting unimportant files such as files in temporary folders and cache folders. You can apply exclude rules to file types, files, folders, and drives. You can set global rules that apply to a collection. You can also export an exclude list to import to other collections. Recovery Solution Reference Guide 81 Using Exceptions It is possible to add exceptions to the exclude list. For example, if you want to exclude all *.NSF files, but to include Names.NSF file, use the Edit exceptions list option . The Exceptions enhancement lets you specify only the files that you want backed up instead of having tons of exclude filters. In other words, if you only support certain applications, then you know the filetypes to include in snapshots and just configure that instead of having every other file on the filter. Example: Using the enhanced exclude list you can specify a partial snapshot that will only capture *.DOC and *.XLS files on your drive. To enable the functionality, follow these steps: 1. In the Altiris Console, select Configuration tab > Solution settings > Incident management > Recovery Solution > Recovery Agent Settings > Default Recovery Agent Settings > Excludes tab. 2. Add one or more drives into the Excludes list (for example, to exclude the whole drive C, enter “C:\” without quotes). For details, see To exclude files (page 82) 3. Add file extensions you want to include into snapshots to the exceptions list for the drive. For details, see To edit exceptions (page 83). 4. After this, schedule a partial snapshot of the drive. For details, see Configure Snapshot Settings (page 78). The snapshot will now skip all data on the designated drive except the file extensions you added as an exception. For more information, see the following: z Exporting and Importing Exclude Lists (page 83) z Files and Folders You Should Never Exclude (page 84) z Examples of Files and Folders to Exclude (page 85) To exclude files 1. Click the Excludes tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. Configure exclusion options. The list shows the currently excluded items defined for all computer or groups you are viewing. If a folder icon appears next to an item, then this item is a folder. Files by this name are not excluded unless you add another item to the list and indicate that it is a file. The reverse is true if a file icon appears next to an item. 4. Click the to add a new item to the list, or select an item and click to edit. A dialog box appears. Enter the file type, file, or folder you want to exclude; specify whether the path you entered is to a file or folder; and finally specify whether the path applies to all files or folders on a specific drive or on all drives. Enter each file, file type, or folder individually. Recovery Solution Reference Guide 82 Notes Extended ANSI characters are case–sensitive in the exclude list. Example: excluding the file type. To exclude all files on all drives, enter "*.*" and select Exclude everythere. If you select Exclude only this path and File type options, only the files in the specified folders will be excluded from snapshot; all subfolders will be included into snapshot. If you select Exclude only this path and Folder type options, all subfolders on the drive will be excluded (but not files in the root folder) will be excluded during the snapshot. You can use system environment variables when specifying the excluded items. Please note that user environment variables cannot be used. 5. Click OK. You can continue adding, editing, and removing excluded items as needed. 6. Click OK again to apply the new properties. To edit exceptions 1. Configure an exclude list using the steps listed under To exclude files on page 82. 2. On the Excludes tab, select an item and click Edit exceptions list icon . The list shows the current exceptions defined for excludes you are viewing. 3. Click the to add a new item to the list, or select an item and click to edit. The following dialog box appears. Enter the file type, file, or folder you wish to make exception for; specify whether the path you entered is to a file or folder; and finally specify whether the path applies to all files or folders on a specific drive or on all drives. Enter each file, file type, or folder individually. Note You can use system environment variables when specifying the exceptions. Please note that user environment variables cannot be used. 4. Click OK. You can continue adding, editing, and removing excluded items as needed. 5. Click OK again to apply the new properties. Exporting and Importing Exclude Lists You can configure an export list that you want to reuse for another computer or groups of computers. You can export an exclude list and then import that list for use on another computer. When you export an exclude list, the folders and files in the list are saved in a text file with an .ELF extension (Exclude List File). When you import an Exclude List File, the paths and files are added to the existing excludes. Recovery Solution Reference Guide 83 To export an exclude list 1. Configure an exclude list using the steps listed under To exclude files on page 82. 2. From the Excludes tab, click Export icon 3. Browse to the path where you want to save the Exclude List File (.ELF). 4. Enter a name for the Exclude List File (.ELF). 5. Click Save. . To import an exclude list 1. Open the exclude list for a computer or groups of computers using the steps listed under To exclude files on page 82. 2. From the Excludes tab, click Import icon 3. Browse to the path of the Exclude List File (.ELF) you want to use. 4. Select the Exclude List File (.ELF). 5. Click Open. . The contents of the .ELF are added to the exclude list. Files and Folders You Should Never Exclude Certain files and folders are required for the proper system configuration, and Full System Recovery cannot be performed without them. In addition, some file extensions, such as .DLL, are nearly always associated with valid data. z C:\, C:\DOS, C:\WINDOWS, and C:\WINNT These are boot and operating system folders necessary to start the computer. If the contents of these folders are excluded, Full System Recovery might be impossible. You should include all subfolders of the Windows folder, particularly the SYSTEM and SYSTEM32 subfolders. The only exceptions are the specific cache subfolders specified below, the contents of which you might want to exclude. z C:\BOOT.INI, C:\NTDETECT.COM, C:\NTLDR These files in the root folder are needed to start Windows 2000/XP. z *.BAT, *.COM, *.EXE These are program and command-line script files. z *.386, *.DLL, *.DRV, *.PNF, *.SYS, *.VXD These are system files needed for proper system configuration. If they are damaged, the computer might not start. Without them, Full System Recovery is impossible. z *.INI These are configuration settings. z *.DOS, *.W40 On multi-boot computers, these files store information necessary to start the computer in other operating systems. Recovery Solution Reference Guide 84 Examples of Files and Folders to Exclude If you are aware of common cache and temporary files used by your standard applications, you can exclude them from snapshots. Below are some examples of files and folders that you might want to exclude. In general, these files are not needed to completely restore a computer to working condition, but you should read the description of each item carefully before you decide to exclude it. While the data in these files is not needed by most users, some users might have a good reason for protecting them. Some of these files are excluded by default. z _RESTORE Folders by this name might be created in Windows Me and Windows XP, if the user performs a System Restore using the Windows System Restore tool. The folders contain information about past System Restores so that they can be undone. Recovery Solution provides similar but more flexible functionality with the rollback feature. z PAGEFILE.SYS This file is used to create virtual memory while Windows is running. It is usually stored in the root folder of drive C. Depending upon the computer’s configuration, the file can become quite large, although it does not contain any data that is saved between one Windows session and the next. z WIN386.SWP Like PAGEFILE.SYS, the file WIN386.SWP is used in Windows 98 to create virtual memory, and can become quite large. WIN386.SWP is a temporary file that Windows deletes whenever the computer is shut down or restarted. It is usually stored in the Windows folder. z 386SPART.PAR This is the Windows 3.1 equivalent of WIN386.SWP. If users upgraded from Windows 3.1 to their current versions of Windows, 386SPART.PAR might still exist on their computers, even though it is no longer needed. z Disk compression container files When a protected computer is running a disk compression program, such as DriveSpace (included with Windows 95), Stacker, or SuperStore, you should exclude the container files that store the compressed information. (Example: a typical DriveSpace file is named DRVSPACE.000; a typical compressed Stacker file is STACVOL.DSK). Because the container files actually hold much of the data on an entire compressed drive, it is very likely that these files will change every day. It takes much longer for Recovery Solution to find the changes in such large files and copy the data than it takes to take a snapshot of the drive itself. Simply include the letter of the compressed drive, but exclude the container files, and all data is protected. z Hibernation files Some computers and operating systems support hibernation, which allows a user to effectively turn off the computer without losing any data in memory. This is accomplished by writing the data in memory to special hibernation files, which can become quite large. Protecting these files could significantly slow down snapshots, increase the strain on the network and the server, and in some cases prevent recoveries from working properly. Recovery Solution Reference Guide 85 As long as users save their work before putting their computers into hibernation, the only contents of the hibernation files will be nonessential information, such as the current running applications, window positions, and view settings. Listed below are some of the hibernation files used by various systems. z HIBERFIL.SYS is used by Windows XP and Windows 2000. HIBRN8.DAT is used on Compaq notebooks. PM_HIBER.BIN is used on IBM notebooks. SAVE2DSK.BIN is used on IBM notebooks. TOSHIBER.DAT is used on Toshiba computers. VMMHIBER.W9X is used by Windows Me. C:\TEMP Some computers use this folder as a storage place for temporary files. z C:\WINDOWS\TEMP and C:\WINNT\TEMP These folders store temporary files. z *.TMP Files with this extension are usually temporary files. z ~*.* Files that begin with a tilde ( ~ ) are usually temporary files. z Web browser cache As users browse the Web, the browser stores files, such as HTML documents and graphics files, in a cache folder on the computer. Over time, the cache folder can become quite large, sometimes containing thousands of files. These files are saved only to improve the speed of Web browsing; they are usually not needed by the browser or by users. If Microsoft Internet Explorer is the Web browser, the browser cache file is usually the TEMPORARY INTERNET FILES subfolder of the Windows folder. If the Web browser is Netscape Navigator, the browser cache is usually located somewhere within the Netscape Navigator folder. z *\MSDOWNLD.TMP Folders by this name are created and used by Microsoft Web sites when software is downloaded and installed from those sites. These folders are usually created in the root of a hard drive, and they might exist on multiple hard drives. They are not needed once the software installation is complete. z Internet history If Microsoft Internet Explorer is used, the HISTORY subfolder of the Windows folder contains information about Web sites that have been visited, allowing users to easily return to those sites at a later time. This information is generally not important. z *.GID, *.FTS, *.FTG Files with these extensions are usually cache files that get created automatically when a Help file is opened. These cache files do not store any information that is necessary to use Help. z *.BAK Files with this extension are typically backup files that applications create automatically while the main data files are being edited. A *.BAK file can sometimes Recovery Solution Reference Guide 86 be used to restore the data in case the main file becomes corrupted, but since copies of the main data file are also being stored on the server, there should rarely be a need to include *.BAK files in snapshots. z RB001.CAB, RB002.CAB, RB003.CAB, RB004.CAB, RB005.CAB Some versions of Windows store registry backups using these file names. Since the registry is protected during Full System Snapshots, there should be no need to include the registry backup files as well. z C:Program Files\Altiris\Recovery Solution Agent\Data\C\*.DTF These cache files are used by Recovery Solution to help speed up snapshots. Recovery Solution will recreate them if necessary. If users have more than 1 hard disk drive, you might want to add the additional DATA subfolders DATA\D\*.DTF, DATA\E\*.DTF, and so forth, to exclude all these files. Caution You should not exclude all .DTF files everywhere (*.DTF). This file extension is also used by other applications. Configure Rollback Data Here you specify the file types to exclude from rolling back and deleting. These file types are considered to be user data files or documents and will not be rolled back or deleted unless you select Restore all files in the Rollback settings. To exclude files from rolling back and deleting 1. Click the Rollback Data tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. Configure exclusion options. The list shows the currently excluded items defined for all computers or groups you are viewing. If a folder icon appears next to an item, then this item is a folder. Files by this name are not excluded unless you add another item to the list and indicate that it is a file. The reverse is true if a file icon appears next to an item. 4. Click the to add a new item to the list, or select an item and click . A dialog box appears. Enter the file type, file, or folder you want to exclude; specify whether the path you entered is to a file or folder; and finally specify whether the path applies to all files or folders on a specific drive or on all drives. Enter each file, file type, or folder individually. Note Extended ANSI characters are case–sensitive in the exclude list. Example: excluding the file type. 5. Click OK. You can continue adding, editing, and removing excluded items as needed. Recovery Solution Reference Guide 87 6. Click OK again to apply the new properties. Exporting and Importing Exclude Lists You can configure an export list that you want to reuse for another computer or group of computers. You can export an exclude list and then import that list for use on another computer. When you export an exclude list, the folders and files in the list are saved in a text file with an .XML extension. When you import an Exclude List File, the paths and files are added to the existing list. To export an exclude list 1. From the Rollback Data tab, click Export icon . 2. Browse to the path where you want to save the Exclude List File (.XML). 3. Enter a name for the Exclude List File (.XML). 4. Click Save. To import an exclude list 1. From the Rollback Data tab, click Import icon . 2. Browse to the path of the Exclude List File (.XML) you want to use. 3. Select the Exclude List File (.XML). 4. Click Open. The contents of the .XML are added to the exclude list. Configure Space Management Use space management to specify how long you want to keep protected files for. You set up space management policies in two stages: 1. Set rules that tell Recovery Solution what files you want to delete and how old they must be. 2. Schedule one or more times each week for Recovery Solution to actually delete the files. To set space management rules 1. Click the Space Management tab. 2. To limit the computer storage space on the server on per protected computer basis, select the Enable quota checkbox. If the protected computer exceeds the quota, then all snapshots from the protected computer will be blocked until the limit is increased or the storage space used by this protected computer on the server is decreased during retention job. Note We strongly recommend not using storage space limits until most of the protected computers have successfully completed their initial snapshots. You can specify the following settings: Recovery Solution Reference Guide Storage space limit per protected computer 88 Issue warning when storage usage reaches The warning message will be displayed on clients. Log event when a user exceeds warning level Select this box if you want to log the event when the level is exceeded. Show message to the user Select this box if you want to show a message to the user when the level is exceeded. 3. If you want to apply default rules to all files, then under Default Rules, check either or both of the following: Delete snapshots older than This option deletes all files from the snapshots of the protected computers you have selected, after the amount of time you specify has elapsed. Delete files after they have been deleted from a Protected Computer This option deletes only files that were included in a snapshot but that a protected computer has since deleted. The files are deleted from the snapshots only after the originals have been removed from the computers, and then only after the amount of time specified here has elapsed. 4. Under Exception Rules, use the Add icon make exceptions to the default rules. , Remove icon , and Edit icon to You can specify exceptions at the folder or file level, and you can use wild cards to specify files of a specific type. You can specify as many exception rules as you wish. The exceptions always take precedence over the default rules. It does not matter whether the period of time you specify for the exception is longer or shorter than the default. However, if a particular file is included in more than one exception rule, it is kept for the longest length of time specified by any of the rules that contain it. Example: if you keep the folder “C:\My Documents” for 1 year and “*.doc” files for 2 years, then the file “C:\My Documents\Status.doc” is kept for 2 years. In each rule, you can select or clear the box labeled This item is critical for Rollback or FSR. Select this box to indicate that the item in this rule must be present in a snapshot in order for rollback or Full System Recovery to succeed. Once this item has been deleted from a snapshot, the snapshot no longer appears in the list of snapshots that are valid for rollback or Full System Recovery. Note By default, a rule is added for the file WINFAL.LOG to ensure that you do not accidentally remove it. This file is stored by Recovery Solution on each protected computer, and it contains a record of all the files needed to start the computer. You can change the rule, but remember that this file must be present in a snapshot if you intend to perform a Full System Recovery from the snapshot. 5. When you have finished, click OK. 6. Click Apply. Recovery Solution Reference Guide 89 Configure Throttling and Connection (server-based only) You can set bandwidth throttling options that let you limit the network bandwidth used when taking snapshots and restoring files. You can set bandwidth throttling options globally for all protected computers, for protected computer groups, or individual protected computers. You can also give the user rights to set bandwidth throttling options from the Recovery Agent Options dialog. For more information, see Configure User’s Rights and Permissions (page 92). To configure bandwidth throttling options 1. Click the Throttling tab. 2. Set Snapshot Throttling Settings: Limit snapshot speed to You can select the maximum network bandwidth used when taking snapshots. Do not start snapshot if transfer rate is less than You can select the minimum network bandwidth used when taking snapshots. Do not start automatic snapshots over WAN connection Select this box to restrict automatic scheduled snapshots from running when client computer is on the WAN, connected using Virtual Private Networking (VPN), or Remote Access Service (RAS). Consider protected computer to be on WAN connection if the number of gateways between the computer and Recovery Solution Server is greater than Specify the number of hops that the signal sent from a protected computer to the server must perform in order for the protected computer’s location to be regarded as Wide Area Network (WAN). (Default: 2) 3. Set Restore Throttling Settings Limit restore speed to You can select the maximum network bandwidth used when restoring files. 4. Configure Connection Management. Your organization may have a large number of users running snapshots and restoring data on the cluster, so you will want to be sure the network does not come to a halt because too many users are accessing it simultaneously. You can limit the number of connections to the cluster during the day or night, and control network bandwidth using the Throttling tab. 5. Under Work time definition, specify when daytime starts and ends. 6. Under Maximum simultaneous connections, specify throttling options for scheduled snapshots. Note These settings have no effect on server jobs (such as server space management). Recovery Solution Reference Guide Specify the maximum number of scheduled jobs that can be running at any one time during the day. 90 Daytime is defined with the Work time definition options on this tab. Nighttime is defined with the Work time definition options on this tab. 7. Under Manual jobs, specify throttling options for manual protected computer jobs. Manual jobs include snapshots started by users and recoveries (including Full System Recovery). Note These settings have no effect on server jobs (such as server space management). Daytime is defined with the Work time definition options on this tab. Nighttime is defined with the Work time definition options on this tab. 8. Click Apply. Configure Remote Access (server-based only) Recovery Solution lets you define how it will handle snapshots through remote access (Example: dial up connections or VPN connections). By default, protected computers always inherit the default remote access settings for the collections. But in some cases you might want to change the default settings to better suit your time zone and network environment. To change the Remote Access settings 1. Click the Remote Access tab. 2. Chose a Snapshot type: Full system snapshot or Partial snapshot. We recommend that you keep Snapshot Type set to Full System Snapshot. Partial snapshots do not provide Full System Recovery protection. 3. Choose which drives to take a snapshot of. By default, all local drives are selected. 4. Snapshot Settings Take each day’s snapshot as soon as I start remote access Select this box to have Recovery Solution start a snapshot as soon as the protected computer has a remote access connection. Note Changing this setting will only affect clients that have configured remote access connection (VPN or dial up). 5. Display a message before taking the snapshot Take each day’s snapshot as soon as computer connects to server Continue incomplete snapshot from the break point Skip Outlook files snapshot Click Apply. Recovery Solution Reference Guide 91 Configure Performance (local mode only) To set the performance settings 1. Click the Performance tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. Set the Priority of Recovery Agent operations. Priority Level The priority level indicates how much of the computer resource, such as CPU and disk access, Recovery Agent will leave for other applications. The lower the setting the more resources for other applications. 4. Click Apply. Configure Storage Management (local mode only) This tells the Recovery Agent at install where to create the Altiris partition for snapshot data. As an administrator, you can change the rights assigned to each collection of users. To manage your storage 1. Click the Storage Management tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. Click the Add Storage icon 4. Enter the path to the storage location. . The following restrictions apply (otherwise the location will not be added): Additional storage location cannot reside on a system hard disk drive. Additional storage location must exist on clients to which the policy is applied. 5. If you want to limit the amount of disk space used then check Limit storage capacity to enter a maximum MB to use. 6. Click OK. 7. If you want to specify where the Temporary retention folder is to be located, enter the string. By default, it is located in the system temporary folder. 8. Click Apply. Configure User’s Rights and Permissions By default, all Recovery Solution users are allowed to use certain parts of the software. As an administrator, you can change the rights assigned to each user. Note All these options can also be set on each specific settings page. Recovery Solution Reference Guide 92 To assign rights to a protected computer 1. Click the Rights tab. 2. Select Inherit rights if you want this computer’s rights to be inherited from the group or the server that contains it. 3. Select or clear the Protected Users Rights options you want. The following rights can be configured. Perform manual snapshots Select this box to allow users of this computer to manually initiate snapshots. Perform restore Select this box to allow users of this computer to perform restore. Perform rollback Select this box to allow users of this computer to perform rollbacks. Accelerate scheduled snapshots Select this box to allow users of this computer to manually initiate snapshots. Enable Local Recovery Agent (server-based mode) Check this box to allow users of this computer to enable Local Recovery Agent functionality. Manage Altiris Partition (local mode) Select this box to allow users of this computer to change the Altiris Partition settings. Create Recovery DVD (local mode) Select this box to allow users of this computer to create Full System Recovery DVDs locally. 4. Select or clear the User Permissions options you want. The following rights can be configured. 5. Allow to edit snapshot settings Allow to append snapshot excludes Allow to append rollback excludes Allow to edit space management settings Allow to edit performance settings (local mode) Allow to edit storage management settings (local mode) Allow to edit miscellaneous settings Allow to edit F11 recovery settings Allow to edit bandwidth throttling settings Communication settings (server-based mode) Remote access settings (server-based mode) Click Apply. Recovery Solution Reference Guide 93 Configure Miscellaneous Settings The following Recovery Agent options can be configured by an administrator as well as by a user at a protected computer: z Display Settings z Health Alerts Setting (server-based only) z Communication Settings (server-based only) z F11 Recovery Settings (local-mode only) To configure miscellaneous settings 1. Click the Misc tab. 2. You can decide whether or not to allow users to change their settings. For more information, see Configure User’s Rights and Permissions on page 92. 3. Under Miscellaneous Settings, select or clear the Display Options you want. Notify user when a scheduled snapshot completes successfully Select this box if you want the user at the protected computer to see a message when snapshots that have been scheduled complete successfully. Notify user when a scheduled snapshot fails Select this box if you want the user at the protected computer to see a message when a scheduled snapshot fails. Notify user when disk configuration change(s) Select this box if you want a user at the protected computer to see a message after a drive configuration change. To ensure that all files are protected, the user or administrator should verify the computer’s schedule for snapshots as soon as possible after a drive configuration change. If the schedule is not updated, then files stored on new drives or drives for which drive letter assignments have changed might not get included in snapshots. Show progress indication of the scheduled snapshot This option configures the status indicator dialog to be displayed during a snapshot. This option is disabled by default and is configurable on the protected computer’s properties page. Show the Welcome Screen when I start Window This option configures the welcome screen to be displayed during login to windows. This option is enabled by default and is configurable on the protected computer’s properties page. Show the status icon in the Welcome system tray This option configures the status icon to be displayed into the system tray. This option is enabled by default and is configurable on the protected computer’s properties page. Show Recovery Agent options in Start Menu This options defines whether the Recovery Agent menu will be put in the Windows Start menu. Recovery Solution Reference Guide 94 Show Recovery Agent desktop icon This option configures the Recovery Agent Icon will be put on the desktop of the protected computer. This option is enabled by default and is configurable on the protected computer’s properties page. Hide client UI This option configures the status indicator dialog to not be displayed during a snapshot. This option is disabled by default and is configurable on the protected computer’s properties page. User interface language This option configures the language to be displayed in the Recovery Agent on the protected computer. This option is disabled by default and is configurable on the protected computer’s properties page. 4. Select or clear the Other Options you want (server-based only). Use encryption when communicating with the Server This option is disabled by default and is configurable on the protected computer’s properties page. 5. Select or clear the Health Alerts Settings you want. Show health alert if a snapshot has not occurred in Select this box if you want the user at the protected computer to see a message when snapshots that have been scheduled complete successfully. The user will always see a message if a snapshot fails, whether or not this box is selected. Show health alert if an upgrade has not occurred in Select this box if you want a user at the protected computer to see a message if the Recovery Solution User’s software needs an upgrade. 6. Modify the Communication Settings (server-based only). Connection type You can choose from three connection types for the protected computer to communicate to the Recovery Server: DCOM HTTP HTTPS If you are using balanced cluster, you can either use HTTP or HTTPS. If you are using a non-balanced cluster, you can use any of the three. Generally, using DCOM can provide faster communication by as much as 10-20%. However, DCOM may not work well behind fire walls or on slow WAN connections. In those cases, HTTP will be the preferred option. The Recovery Server supports multiple protocols being used at the same time. It is possible to have a different protected computer use a different protocol, depending on the collection and policy that a protected computer is using. Recovery Solution Reference Guide Use Altiris Agent proxy settings for HTTP/HTTPS communication between Recovery Agent and Server 95 (enabled by default) Clear this checkbox if you do not want the Recovery Agent to use the Altiris Agent proxy settings (in case they are configured on the client computer) for HTTP/HTTPS communication with the server. Notes The Altiris Agent on client computers uses the proxy server settings configured through Windows Control Panel > Internet Options > Internet Properties > Connections tab > LAN Settings > Proxy server. The Recovery Server computer must be visible to the proxy server used by the client for communication. Enable Altiris Recovery Agent to modify Windows Firewall settings Clear this checkbox if you do not want the Recovery Agent to modify Windows Firewall port exception rules on client computers. Note By default, when the Recovery Agent service starts on protected computers running Windows XP or Windows 2003 Server, it will add port 43189 to the Windows Firewall exceptions. On Windows XP and Windows 2003 client computers without a service pack or with SP1, the Internet Sharing Configuration dialog box will appear upon Altiris Recovery Agent service startup asking to give the C:\Program Files\Altiris\Recovery Solution Agent\AeXRSAgt.exe permission to edit Internet Connection Protection settings. The users must select Do not show this dialog again and then click Yes to let the Recovery Agent service modify the Windows Firewall exceptions. When the Recovery Agent service stops, the port 43189 will be removed from the Windows Firewall exceptions. 7. Modify the F11 Recovery Settings (local-mode only): Show F11 Recovery prompt Clear this box if you want the F11 Recovery prompt not to appear at the protected computer start. Protect F11 Recovery with password Select this box if you want the user to be prompted for a password when launching the F11 Recovery. Specify the password in the Password field. 8. Click Apply. Recovery Solution Cluster Configuration Using the cluster properties page, you can perform the following cluster configuration tasks: z General Settings (page 97) z Configuring Server Job Schedules (page 98) z Configuring Event Notifications (page 101) z Configuring Storage Management (page 101) Recovery Solution Reference Guide 96 z Managing Recovery Solution Servers (page 106) z Managing Cluster Users (page 108) z Configuring Communication Settings (page 110) For information on creating a cluster, see Creating a Recovery Solution Cluster (page 36). To open the cluster properties page 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab 3. In the left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 4. Click the cluster node. General Settings Changing General Cluster Settings 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. In the left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the General tab. 6. Change the name of the cluster. 7. Change the address of the cluster. 8. Change the Recovery Solution database user credentials. Note If you have multiple cluster databases on the server, changing credentials for one them will affect the other clusters as well. Caution Two or more Recovery Solution clusters created on one or more server computers and connecting to the same SQL server must use the same Recovery database user credentials. 9. (optional) Select or clear Enable cluster load balancing support. If selected, the Cluster Address needs to be the virtual IP address of the load balancer. 10. (optional) Enter or Change the IP Address of the Load Balancer. Note This is only used for F5 BIG-IP Blade Controller. 11. Click Apply. Recovery Solution Reference Guide 97 Note If the storage locations are entered not using UNC paths, then you must change them from local paths to UNC paths before you uninstall the Recovery Server, otherwise you cannot change the cluster. Without an active Recovery Server, the storage type will not be changed in the Recovery Database. Configuring Server Job Schedules There are serveral types of jobs that are not associated with any particular protected computer. These are collectively called server jobs. Delete Marked Items This job deletes files and folders marked for deletion and initiates storage compaction to consolidate the “empty space” after deletion. Note You do not have to schedule Deletion Jobs if Server Space Management jobs are already scheduled. Server Space Management automatically deletes any files or folders marked for deletion. Integrity check This job checks to make sure that all of the data included in snapshots actually exists on the server. Recovery Solution verifies the presence of the data, but does not verify that the information is intact or recoverable. This job also updates statistics in the database in order to keep performance optimized The following options are available for the Integrity Check server job: z Delete lost protected data files Check this option to have the Integrity Check job delete the information about the protected data file in the database in case the file is missing from the raw storage. z Delete unrecoverable protected data files Check this box to have the Integrity Check job delete the information about the protected data file in the database in case the file is corrupted. If integrity job finds a corrupted block, it will try do the following things: 1. If there is more than one storage group, then integrity job will try looking for the valid block located in other storage groups. 2. Integrity job will perform database cleanup. This involves database information that refers to the corrupted blob block and will be removed from the database. There are three cases: File data block is corrupted - the entire file will be removed from the database, the user will not be able to restore the file or some of its revisions. Security data block is corrupted - only security record will be removed from the database, so user will not be able to restore file security for some files. Full system recovery block is corrupted - full system recovery blocks will be removed from the database, so user will not be able to perform full system recovery or rollback from the snapshots that refer to that full system recovery block, that snapshot will not be visible in data recovery wizard. Recovery Solution Reference Guide 98 Note The same process runs during snapshot - if the agent that performs the snapshot tries reading the corrupted block, the references to this block will be removed from the database, and the agent should backup that data again. If data was corrupted, the file will be backed up again; if the security block is corrupted, the security descriptors will be backed up again. There is no handling for corrupted full system recovery blocks. Perform CRC Select this box to have the Integrity Check job use Cyclical Redundancy Checking to verify that the data found matches the original data stored during snapshots. Recovery Solution checks the integrity of the information in the “BLOB” files. While a successful integrity check with CRC makes it likely that most files can be recovered, it does not guarantee that any individual file is actually recoverable, as it handles file corruptions the same way as integrity check without CRC. Using this option can cause the Integrity Check job take a very long time to run, so you should be selective when and how often you run it. Server Space Management This job provides the same functionality of Delete Marked Items job with the following additional benefits: z Blob data storage retention occurs according to the Server Space Management rules. z Server space management job CPU throttling can be managed via the console. Storage Locations Synchronization This Job performs regular storage synchronization between synchronous storage groups (i.e. Main Storage) and asynchronous mirrors. The frequency of this job determines how current these mirrors are. This server job only needs to be scheduled if the cluster has asynchronous storage. To schedule server jobs 1. Click the Server Schedules tab. 2. From the Job list, click the type of job you want to schedule. Note Although you can only select one job at a time from the list, you can enter its schedule, then click other items to schedule them. 3. In the Days area, check the boxes next to the days of the week you want this job to run. 4. Under Start Job, specify a time window within which you want the job to start. Note The job is not necessarily completed within this time window. However, you should ensure that the start window is reasonably long, because if the server is busy when Recovery Solution tries to start the job then it might be skipped until the next day or week (depending on your schedule). Recovery Solution Reference Guide 99 You might want to use the Job Schedule Worksheet (page 274) to help you plan out appropriate times to run server jobs. 5. (Server Space Management Job only) Force deletion of the recently excluded files During the SSM job, this will cause the automatic deletion of any files or folders that have been configured by the user to be excluded. 6. (Server Space Management Job only) Server space management job CPU throttling This is the maximum amount of server processing to be use for this job. 7. (Server Space Management Job only) Storage Compaction Compaction is a form of compression used on NTFS volumes performed by Recovery Solution itself rather than the operating system. Compaction works by consolidating the “empty space” stored inside protected data (“BLOB”) files. In most cases the main benefits of compaction occur when protected data is deleted. Recovery Solution only applies compaction to the data during server space management and deletion jobs. 8. (optional) Compact compressed volumes This will use compaction on operating system compressed volumes 9. (optional) Minimum space to reclaim (% data file size): default is 50%. This option configures the minimum amount of unused space in a raw storage file (BLOB) that would trigger the compaction. The purpose of the Compaction is to reclaim space on non-compressed NTFS and FAT16/32 volumes. It also decreases the actual number of BLOBs, that is useful if you plan to backup BLOBs to tape. Decreasing the number of BLOB files is also good for the general file-system performance. Setting this option to a lower value, 10% for example, causes the Compaction to occur even if the amount of unused space is as low as 10% of the entire disk space occupied by a BLOB. A higher value set, 50% for example, makes the Server Space Management job reclaim unused space only when at least 50% of the entire BLOB file is empty. Thus a lower value reclaims more disk space to the prejudice of the speed of the job. On the contrary, a higher value makes the job complete faster while more free space is retained unused. An optimal value depends on the specific Server Space Management job schedule and the amount of data in raw storage. Note In most environments enabling Compaction or changing its settings will not result in any reduction of space utilization, as normally BLOBs are already compressed by NTFS compression. 10. Click Apply. In addition, any pending job in the job queue that is scheduled to run at a later time can be accelerated to run immediately. For more information, see Job Schedule Worksheet (page 274). Notes All server jobs runs on only one Recovery Solution Server and it is not fault tolerant. All server jobs run according to the time setting of the Recovery Solution Server that is the machine physically running the job. Recovery Solution Reference Guide 100 Configuring Event Notifications Recovery Solution can notify by e-mail if a specific event has occurred. An example of such an event is “Unable to recover file”. Note SMTP server and port settings used for notifications must be properly configured during Notification Server setup or afterwards through the Altiris Console > Configuration tab > Server Settings > Notification Server Settings > E-mail Configuration, otherwise Recovery Solution e-mail notifications will not work. To add an event notification 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. In the left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Events tab. 6. Enter an e-mail address to send the alert to. 7. Enter the subject line of the alert. 8. Click the add event notification icon 9. Select an event. . 10. Click Apply. 11. Click Apply. To delete an event notification 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Events tab. 6. Choose the event you wish to delete. 7. Click the delete event notification icon . Configuring Storage Management A Storage Group defines a logical group of physical storage space to be managed as a unit. Storage Groups are used to simplify the management of storage devices. They allow groups of physical storage to be treated as a single resource. When additional storage groups are added, the data is synchronized from the main storage group and Recovery Solution Reference Guide 101 after synchronization then all groups are synchronous updated and the system is mirrored. Note There must be one synchronous storage group in a cluster. Storage Group By default there is a Main Storage storage group. By adding additional storage groups you are mirroring the BLOB data. There are two types of mirrors that can be added synchronous and asynchronous. A synchronous mirror adds the data is update in the mirror at the same time the data is update in the Main Storage. Asynchronous mirror updates when the Storage Locations Synchronization server job runs which needs to be scheduled by the administrator. In case one mirror goes offline during snapshot (restore), snapshot continues to (from) another mirror. Space management and Integrity Check jobs work simultaneously with all mirrors. In case whole BLOB file created only on one mirror, then it is copied to other mirrors by Storage Locations Synchronization job. In case only some blocks were unsynchronized, then these blocks also synchronized by Synchronization job. There are three actions you can do to a storage group: add, edit and delete. To add a storage group 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Click the add group name icon 7. Enter a name for the new group. 8. (optional) If the group is to be updated Asynchronous, select the checkbox. 9. Click Ok. . To edit a storage group 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Choose the group you wish to edit. 7. Click the edit group name icon Recovery Solution Reference Guide next to the group name. 102 8. You can either change the name of the group or change updating between synchronous and asynchronous. 9. Click Ok. To delete a storage group 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Choose the group you wish to delete. Click the delete storage group icon next to the group name. Storage Location In the Main Storage storage group there will be at least one storage location that was specified at installation of Recovery Solution. There are six actions you can do to the storage location: add, edit, enable, disable, move and delete. To add a storage location 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Choose the group you want to add a storage location to. 7. Click the Add Storage Location icon 8. Enter a data storage location. This can be either an IP address, a DNS name, or a computer name where hard drive space will be used. The format for entering this information is \\<servername>\<sharename>\<directory>. 9. Select Limit storage capacity to if you do not want to use all the free space on the specified drive. Enter a maximum space to be used (MB), or enter 0 for unlimited. above list of storage location for that group. 10. If this is a remote location, provide authentication credentials. Notes Use domain (not local) user credentials, otherwise the storage location will be inaccessible. A remote share permissions and folder security must be configured to allow full access to the user accessing the share. Recovery Solution Reference Guide 103 You must not add network storages located on computers from domains, which are not trusted by the Recovery Server domain. Also, do not use the credentials of users from the non-trusted domains to access the storage locations. Storage status will be reported ‘Inaccessible’ after adding such storages. The reason is that Recovery Server cannot be impersonated under a user account from a non-trusted domain. 11. Click OK. 12. Click Apply. To edit a storage location 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Select the group you want to add a storage location to. 7. Click the Edit Storage Location icon group. 8. You may edit the amount of storage space to use and authentication credentials. 9. Click OK. above the list of storage locations for that 10. Click Apply. To enable a storage location 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Select the group you want to enable a storage location too. 7. Select the storage location you wish to enable. 8. Click the Enable Storage Location icon group. 9. Click Apply. above the list of storage locations for that To disable a storage location 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. Recovery Solution Reference Guide 104 3. Click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Select the group you want to disable a storage location. 7. Select the storage location you wish to disable. 8. Click the Disable Storage Location icon group. 9. Click Apply. above the list of storage locations for that To move data files 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Select the group you want to move a data file from. 7. Select the storage location you which data file you wish to move. 8. Click Move Data File. 9. Select where you wish to move the data file to. 10. (optional) Click Disable the storage after its contents has been moved. 11. (optional) Click Delete the storage after its contents has been moved. 12. Select one Move all This will move all the data from the one location to the other. Move an mount of storage from the totaled stored Move the ID in a range 13. Select one Start Job Now will start the data file move now. Schedule job allows you to choose a data and start time frame for the job to be executed. 14. Click Ok. 15. Click Apply. To delete a storage location 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. Recovery Solution Reference Guide 105 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Storage Management tab. 6. Select the group you want to delete a storage location. 7. Select the storage location you wish to delete. 8. Click the Delete Storage Location icon above the list of storage locations for that group. 9. Click Apply. Note You must manually delete the storage files after deleting a storage location. Managing Recovery Solution Servers A Recovery Solution Cluster must have at least one Recovery Solution Server. If Load Balancing is turned on for a given Recovery Solution Cluster, multiple Recovery Solution Servers can be set up. To install a Recovery Solution Server 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab, and then click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the Recovery Solution Server Install task. 4. In the right content pane, select the cluster you want to add a server to. 5. Click the Add Server 6. Select the computer you want to install as a Recovery Solution Server. 7. Click OK. 8. (Optional) To override default installation folders, click Installation Settings. 9. Click Install Server. icon. 10. You can accept the default installation settings or changes them. Click Proceed with Install. It will take a few minutes for the server component to install. The rollout page shows the status of the server rollout process. Click the Refresh the page. icon to refresh After the installation is complete, the server will appear in the list of servers for the cluster under the Servers tab of the cluster properties page. Altiris Recovery Solution Server will also appear in the Add/Remove Programs list on the computer it was installed on. Recovery Solution Reference Guide 106 To view Recovery Solution Servers 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Servers tab. The following information is displayed for each server for that cluster: Name of the server Domain which the server resides The IP address of the server The current status of the server To disable a Recovery Solution Server 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Servers tab. 6. Highlight the server to disable. 7. Click the Disable Server icon 8. Click Yes. 9. Click Apply. . To enable a disabled Recovery Solution Server 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Servers tab. 6. Highlight the server to enable. 7. Click the Enable Server icon 8. Click Apply. . To uninstall a Recovery Solution Server 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. Recovery Solution Reference Guide 107 2. Click the Configuration tab. In teh left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. 3. Click the Recovery Solution Server Uninstall task. 4. Select the cluster which you want to uninstall a server from. 5. Highlight the server you wish to uninstall. 6. Click Uninstall Server. 7. Click Yes. To stop or start a Recovery Solution Server service See Stopping and Starting the Recovery Solution Server Service (page 289). Managing Cluster Users Recovery Solution uses Microsoft Domain users and groups only for authentication. To view users of a Recovery Solution Cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Users tab. To add a user or domain group to a Recovery Solution Cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Users tab. 6. Click the User Add icon 7. Check User if you wish to add a Domain User. 8. Check Groups if you wish to add a Domain Group. 9. Select where to search: . Local Domain enter the domain name 10. Select type of query either Equals or Starts With. 11. Enter name or part of name to search for. Recovery Solution Reference Guide 108 12. Click Find. 13. Highlight users to add. 14. Click Ok. 15. Click Apply. To delete a user or domain group from a Recovery Solution Cluster 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Users tab. 6. Highlight the User or Group to be deleted. 7. Click the User Delete icon 8. Click Apply. . To enable Web-Based File Recovery for all new users 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Users tab. 6. Enable the Allow web-based restoration for all new users checkbox. Note This setting will affect all newly installed clients. 7. Click Apply. To enable Web-Based File Recovery for all existing users 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Right-click the cluster node. 5. Select Recovery Solution tasks > Administration > Change Web Access settings > Enable from in the drop-down list. 6. In the Enable Web Access dialog, click Ok. Recovery Solution Reference Guide 109 Configuring Communication Settings 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Configuration tab. 3. Select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Configuration. 4. Click the cluster node. 5. Click the Communication tab. 6. Manage Server(s) from Altiris Console Using HTTP Binding port: the default is 80 this can be change to another port. 7. Recovery Solution Agents communication with server(s): You can choose from three connection types: DCOM HTTP HTTPS If you are configuring a balanced cluster, you can either use HTTP or HTTPS. If you are using a non-balanced cluster, you can use any of the three. Generally, using DCOM can provide faster communication by as much as 10-20%. However, DCOM may not work well behind firewalls or on slow WAN connections. In those cases, HTTP will be the preferred option. This setting is used when the cluster communicates to protected computers during the Recovery Agent installation and registration. The protocol may be different when the Recovery Agent communicates to the Recovery Server farther on. Configuration of transport protocol used after the installation can be configured on the Misc tab of Recovery Agent Settings policy. For more information on Recovery Solution Agent communication settings see Configure Miscellaneous Settings on page 94 Notes If you are using HTTP for communication the binding port will be the same port as communications between the Altiris Console and Recovery Servers If you are using HTTPS for communication the binding secure port will default to port 443 and can be change by the administrator if need. For HTTP and HTTPS ports 8080 and 8081 should not be used as binding ports used by Recovery Solution if Altiris Deployment Server is installed on the same Notification Server. Both HTTP and DCOM is used for communication between Recovery Solution Server and Notification Server. Recovery Solution Security Role Management Recovery Solution setup creates new folders and items in the Altiris Console. Each of these folders and items has certain permissions available to assign to users. In the Recovery Solution Reference Guide 110 Notification Server, roles are assigned access rights to various elements in the console. By default, setup creates new role named Altiris Recovery Solution Helpdesk Technicians, which applies specifically to the solution. Administrator can manage roles and assign each role its own set of Global Privileges in the Role Management window. Note For information on Altiris Console permissions, security and role management, see Altiris Notification Server Help. See also: Security Role Management (page 111). Security Role Management The Security Role Management page allows you to handle all of your Role Management settings. In the Notification Server roles are assigned access rights to various elements in the console. So, a user's console rights are dependent on which roles they are a member. To access this page 1. In the Altiris Console, select the Configuration tab. 2. In the treeview pane, navigate to Configuration > Server Settings > Notification Server Settings. 3. In the treeview pane, select Security Role Management. Note There are a number of default roles in the Role Management window and each has its own set of Global Privileges. The following table lists the Recovery Solution global privileges and their default assignments. Privilege Description Assigned roles Manage Recovery Solution Agent Jobs Roles with this privilege can manage content and Recovery Solution Agent jobs which include start/cancel snapshots, restores, rollbacks. z Altiris Administrators z Altiris Recovery Solution Helpdesk Technicians Roles with this privilege can create media for Full System Recovery. z Altiris Administrators z Altiris Recovery Solution Helpdesk Technicians Roles with this privilege can start/ cancel Recovery Solution clusters' jobs. z Altiris Administrators Create FSR Media Manage Recovery Solution Cluster Jobs Recovery Solution Reference Guide 111 Privilege Description Assigned roles Manage Protected Computers Roles with this privilege can manage protected computers which include enable/disable accounts, manage users, and mark data for deletion. z Altiris Administrators Run Critical Rollbacks Roles with this privilege can run snapshots performed prior to a critical patch or a software update installation. z Altiris Administrators Administrator can control role’s access permissions for every Recovery Solution interface item in the Altiris Console by changing Security Descriptor Settings for the item. To see security settings for the item, click on the Security tab of Properties window accessible via the item’s right-click menu. Notes By default, Altiris Recovery Solution Helpdesk Technicians can only perform Recovery Agent Rollouts and have read-only access to the Recovery Agent Settings via the Altiris Console. For more information about Altiris Console permissions, security and role management, see Altiris Notification Server Help. Configuring Recovery Server to Only Run Server Jobs You may want server jobs (such as server space management) to run on a dedicated Recovery Solution Server that does not run client jobs. To configure a Recovery Solution Server to only run server jobs 1. 2. Create a new load balanced Recovery Solution Cluster. For instructions, see Creating a Recovery Solution Cluster on page 36. If you are planning to distribute client jobs among several servers, use the load balancer address to specify Recovery Solution Cluster address. Configure the load balancer properly to forward requests from the clients to the server. For additional information, see Configuring the Load Balancer on page 27. If you are planning to distribute server and client jobs between two servers, use the address of the server that will run client jobs. Add the new servers to the cluster. For instructions, see Adding Recovery Solution Servers to a Recovery Cluster on page 40. By default, all the servers can run both server and client jobs. The server dedication to running server or client jobs is determined by the value stored in the Role column of the Vault table found in the Recovery Solution database. You can use Microsoft SQL Server tools to modify the server role. Recovery Solution Reference Guide 112 Caution Be extremely careful when modifying the Recovery Solution database. If you accidentally change or delete the wrong values, the solution may stop working properly. The following values can be assigned: 0 - the server is dedicated for snapshots 1 - the server is dedicated for server jobs 2 - the server accepts any kind of jobs Example If you want some server to run only server jobs, change the value in the column Role for the server to 1. If you want some server to run only server jobs, change the value to 0. Scan for applied critical patches and Software Delivery tasks This policy updates Recovery Solution databases with patch and Software Delivery task execution data. You can either enable the policy to run on schedule, or execute the policy once by clicking on the Execute button. To access and enable the policy 1. From the Altiris Console, click the Configuration tab. 2. Click Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration. Scan for applied critical patches and Software Delivery tasks. 3. Set the Enable checkbox and click Apply. Manage Lost Recovery Solution Agents Using this policy, you can manage clients that are not displayed in other Notification Server collections. These may be clients, for which two or more accounts exist in the Recovery Solution Database, or for which the account exists in the Recovery database but is missing in the Altiris database. To access this policy 1. In the Altiris Console, click the Configuration tab. 2. In the left pane, click Confguration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration > Manage Lost Recovery Solution Agents. Recovery Solution Reference Guide 113 Chapter 6 Recovery Solution Tasks This chapter lists the tasks that you can perform using Recovery Solution. z General Recovery Solution Tasks in the Altiris Console (page 114) z Viewing Recovery-related Information about Individual Computers Using the Resource Manager (page 114) z Performing Basic Recovery Tasks (page 116) z Manage Agent Setup Packages (page 127) General Recovery Solution Tasks in the Altiris Console On the Tasks tab, predefined policies perform the following tasks: Tasks Link to information Agent Settings Decryption/ Encryption Utility AeXRSEnc Utility (page 279) Altiris Partition Removing Utility BWINST Utility (page 288) Convert encrypted files on FAT partitions Convert Encrypted Files on FAT Partitions (page 128) Erase the protected computer’s partition table Erasing the Partition Table (page 146) Manage Agent Setup package Manage Agent Setup Packages (page 127) Restore data from Full System Recovery CD or DVD-ROMs Restoring Data From Full System Recovery Media (page 146) Restore data using the Migrate utility Restoring Data with the Migration Utility (page 130) To access the Recovery Solution task policies, open the Altiris Console, click the Tasks tab, and then click Tasks > Incident Management > Recovery Solution. Viewing Recovery-related Information about Individual Computers Using the Resource Manager You can use the Resource Manager to view recovery-based information about individual client computers. You can view the following information: z Summary Information: The cluster that files are backed up to The last snapshot start and end time Recovery Solution Reference Guide 114 z z z The snapshot status The number of files and amount of bytes backed up The space used to store backed up files Inventory Information: Name, version, and last update time of the Recovery Agent. Address of Recovery Solution Cluster the computer is connected to Altiris Partition: size, available space, amount of recovery data Size and date of image creation Recovery Agent database: size and last update time Event Information (Example): Agent registration Snapshots started and completed Snapshots failed Service started Connection failures Recovery Agent settings defined and customized by a user (not the administrator) Notes Inventory information is available only after the Altiris Agent on the client computer has reported inventory data to the Notification Server. By default, inventory data is reported once daily. Only the settings defined by the user will be displayed (not the settings defined by the administrator). To view the recovery-based information about a computer in the Resource Manager 1. Click the computer item in either a report or collection. a. Example: click the Configuration tab, In the left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings folder. b. Click the Computers with Recovery Agent installed to cluster collection. c. Double-click a computer in the collection. The resource manager for the computer opens. 2. For summary information, click Recovery Summary under the Summaries tab. 3. For inventory information, click Recovery Solution > AeX RSA Configuration under the Inventory tab. 4. For event information, click Recovery Solution > AeX RSA Events under the Events tab. Recovery Solution Reference Guide 115 Performing Basic Recovery Tasks Users can recover their own files by browsing to them in Windows. Instructions for recovering files are contained in Recovery Solution User’s Guide. Normal file recovery is possible as long as Windows and Recovery Solution are functioning properly. If the computer cannot be started, it might be necessary to perform Full System Recovery. For more information see Full System Recovery on page 131. For information on more advanced tasks, see Advanced Snapshot and Recovery Procedures on page 128. Caution You cannot restore encrypted files to drives using FAT or FAT32. See also: z Running Server Jobs (page 116) z Performing Recovery Tasks on Individual Computers Using the Resource Manager (page 117). Running Server Jobs You can run various server jobs through the cluster right-click menu in the Altiris Console (Configuration > Solution Settings > Incident Management > Recovery Solution Recovery Solution Clusters > Recovery Solution Cluster Configuration > (right-click a cluster) > Recovery Solution Tasks > Start Server Job). The following server jobs are available for immediate running: z Delete Marked Items For information about this job, see Delete Marked Items on page 98. z Integrity Check For information about this job, see Integrity check on page 98. z Server Space Management For information about this job, see Server Space Management on page 99. z Storage Locations Synchronization For information about this job, see Storage Locations Synchronization on page 99. You can also delete all users’ snapshot data from data storage and from the Recovery Database by right-clicking the cluster name > Recovery Solution Tasks > Delete All User Data. In addition, the following administration and client tasks are available through the cluster right-click menu (Configuration > Solution Settings > Incident Management > Recovery Solution Recovery Solution Clusters > Recovery Solution Cluster Configuration > (right-click a cluster) > Recovery Solution Tasks). These tasks apply to all clients installed on the Recovery Solution cluster. z z Administration Change Account’s Status Change Web Access Settings Mark Files for Deletion Start Client Jobs Recovery Solution Reference Guide 116 z Rollback To the Last marked Snapshot To the Last Snapshot Accelerate Scheduled Snapshot Snapshot Now... Performing Recovery Tasks on Individual Computers Using the Resource Manager Administrators or helpdesk personnel can restore or delete files and/or folders from snapshots without having to remote control in to the client. If you need to perform recovery tasks on an individual client computer, you can do so through the Resource Manager. You can use the Resource Manager tasks to do the following: z Accelerate a Scheduled Snapshot (page 118) z Create a Full System Recovery Image (page 118) z Disable/Enable a Computer Account (page 118) z Manage Full System Recovery Image (page 118) z Manage Protected Data (page 118) z Manage the Users of a Protected Computer (page 120) z Mark the Client Computer Account to be Deleted (page 120) z Mark Files for Deletion (page 120) z Perform a Rollback (page 122) z Perform a Snapshot Now (page 127) Note Recovery tasks are available only after the Altiris Agent on the client computer has reported inventory data to the Notification Server. By default, inventory data is reported once daily. In case port 43189 port is closed, client jobs (such as snapshot, restore, rollback) initiated from the Altiris Console may start with a delay of up to 15 minutes. For details, see Configure Snapshot Settings on page 78. To perform recovery-based tasks on a computer using the Resource Manager Click the computer item in either a report or collection. 1. Example: on the Configuration tab, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings folder. 2. Click the Computers with Recovery Agent installed to cluster collection. 3. Double-click a computer in the collection. The resource manager for the computer opens. Recovery Solution Reference Guide 117 You can also select a collection or one or more computers in a collection and choose Recovery Solution Tasks from the right-click menu to access a list of recovery tasks. Accelerate a Scheduled Snapshot You can start the next scheduled snapshot for the protected computer. 1. From the Task tab of the Resource Manager, click Accelerate Scheduled Snapshot. The snapshots run immediately on the computer, and their schedules are modified to clear all further snapshots for the remainder of the day. A snapshot for each computer runs on the next day defined in its schedule. Create a Full System Recovery Image You can create a Full System Recovery Image for the protected computer. For more information, see Full System Recovery Disk Creation on page 134. Disable/Enable a Computer Account You can enable or disable the computer’s ability to perform recovery tasks. 1. From the Task tab of the Resource Manager, click Disable/Enable Account... 2. Check or clear the checkbox to Enable or Disable the account 3. Click Ok. Note You can enable or disable all computers at once through the right-click context menu for a cluster or a collection of computers with Recovery Solution Agent installed: right-click the cluster name > Recovery Solution Tasks > Change Account's Status > Disable/ Enable Accounts. Manage Full System Recovery Image You can manage Full System Recovery images for the computer. This option lets you copy or delete Full System Recovery images for the computer. 1. From the Task tab of the Resource Manager, click Manage FSR Images... A list shows the Full System Recovery images and their properties. 2. To copy an image, highlight it and click the copy icon. 3. To delete an image, highlight it and click the delete icon. Manage Protected Data This feature lets administrators view which files are backed up and delete the files that do not need to be protected. The restore function will restore files and folders to the original location on the protected computer. You can restore the following file revisions: z Latest Version Recovery Solution Reference Guide 118 Choose this option to display only the most recent snapshot of each file. Even files that were not included in the most recent snapshot are displayed, as long as they were in some previous snapshot. z All Versions Choose this option to display all snapshots of your files. If you're viewing all file details (View menu), the Snapshot Taken column shows the date and time that each snapshot was originally run. Note In some cases the time displayed under Snapshot Taken might be the only distinguishable difference between two or more versions of a file. This could happen if the file itself did not change between snapshots, but the properties of the file did. Example: Recovery Solution creates a new version of the file if the only change is in its NTFS security attributes. If you have installed the Recovery Agent more than once (or if your software was automatically updated from the server), you might have the following additional options: z Snapshots From All Installations Choose this option to display protected files from all of your Recovery Agent installations. If you're viewing all file details (View menu), the Snapshot Taken column shows the date and time that each snapshot was originally run. z Snapshots From Current Installation Choose this option to display protected files only from your current Recovery Agent installation. z Snapshots From Previous Installations Choose this option to display protected files only from your previous Recovery Agent installations. If you're viewing all file details (View menu), the Snapshot Taken column shows the date and time that each snapshot was originally run. Note If a particular file or folder originated on an NTFS drive, and you do not have at least read access to the file or folder, then you cannot see it in the list of protected files. However, if you restore a folder containing the secure item, the item will also be restored (but you still won't have access to open it). To restore and delete files 1. From the Task tab of the Resource Manager, click Manage Protected Data. 2. In the left pane, select the path. 3. In the right pane, select the folders and files you want to mange. 4. To restore data, click Restore. After the file/folder restore is completed, the console displays a completion message. A message is also displayed on the protected computer informing the user that a file/folder restore has been performed by the Recovery Solution Administrator. Recovery Solution Reference Guide 119 5. To delete data from a snapshot, click Delete. You can manually delete specific files and folders that were accidentally backed up to the server, or that you no longer need. Files are manually deleted in two stages. 6. You tell Recovery Solution which items you want to delete. This is known as marking the items for deletion. You schedule one or more times each week for Recovery Solution to actually delete the files. For more information, see Configuring Server Job Schedules on page 98. To unmark data for deletion, click the undelete. Manage the Users of a Protected Computer This option lets you add and remove users. It can be useful to add or remove users using the dialog because this enables users to perform Web-Based File Recovery of their account data, restore data using the Migrate utility or reinstall the account using the existing account. 1. From the Task tab of the Resource Manager, click Manage Users. 2. Select a user and click the enable to disable icon, or click + to add a user, or X to delete. 3. Click Ok. Mark the Client Computer Account to be Deleted This option lets you mark the account to be deleted. This will delete all unique data stored on the server for this account. Do this only of you are sure you will never need access to the data associate with this account again. Data stored locally on the user’s computer will not be affected. Note To optimize Recovery Solution Server performance, this task will be performed during the server management job. 1. From the Task tab of the Resource Manager, click Mark Computer Account for Delete... 2. To mark the account for deletion, click Ok. Mark Files for Deletion This option lets you mark files, folders, or file types to be deleted from snapshots that were accidentally backed up to the server, or that you no longer need. You can have files deleted from a certain path only or all locations. Files are manually deleted in two stages. z You tell Recovery Solution which items you want to delete. This is known as marking the items for deletion. z You schedule one or more times each week for Recovery Solution to actually delete the files. For more information, see Configuring Server Job Schedules on page 98. Recovery Solution Reference Guide 120 Notes You can use the Largest Files report in order to determine the files taking up most space on the server. For instructions, see Using Recovery Solution Reports and Job Queue on page 153. In order to prevent the server from backing up the files and folders marked for deletion, make sure to exclude these files and folders from future snapshots. For instructions, see Excluding Files From Snapshots on page 81. To mark files or folders for deletion 1. From the Task tab of the Resource Manager, click Mark files for Delete... 2. Click the add or edit icon. 3. Under Enter the name of the folder, file or file type you wish to mark for deletion, type the name of the item you want to delete. If you want to browse for files and folders and mark them for deletion, use the Manage Protected Data (page 118) option. You can use wild cards to specify files. Example: “Cache*.*” means all files that start with “Cache”. If you want to delete a specific file or folder, you must enter the full path to that file, starting with the drive letter. If you want to delete a file or file type no matter where it exists on the drive, do not enter a path. 4. Under Enter the name of the folder or file you wish to mark for deletion, choose the description that matches the type of item you specified above. This is a folder Choose this option to specify that the name you entered above is a folder rather than a file. Files by this name will not be deleted. This is a file Choose this option to specify that the name you entered above is a file rather than a folder. Folders by this name will not be deleted. This is a file type Choose this option to specify that the name you entered above is a file type or extension. All files with this extension will be deleted. 5. Under Choose where to mark for deletion this folder or file select the locations from which you want the item to be deleted. Exclude this folder or file name everywhere Choose this option to delete the item from every location on the server. Exclude only this path on Choose this option to specify that the text you entered above should be treated as a path to a specific folder or file. If you choose this option but you specify only a folder or filename without a path, the folder or file is only deleted from the root of the drive. Example: if you type LOGFILE.TXT as the name of the item to delete, then choose “Mark this path for deletion on,” Recovery Solution deletes files such as C:\LOGFILE.TXT Recovery Solution Reference Guide 121 and D:\LOGFILE.TXT (depending on your drive settings below). However, LOGFILE.TXT files found elsewhere on a drive are not deleted. Specify below which drives you want to delete the item from. - All drives Choose this option to delete the above path from every drive. - This drive only Choose this option to delete the above path only from a specific drive. Specify the drive letter in the box. 6. Click Ok. Perform a Rollback The rollback option lets you return a computer to the state it was in at the time of a Full System Snapshot. This is useful if a protected computer can be started but is not functioning properly. (If the computer cannot even be started, you need to use Full System Recovery instead.) A rollback can be performed by the administrator, or by the user (if the administrator has allowed it). Notes You can only roll back a computer if the disk configuration is the same as it was at the time of the snapshot you are recovering. Example: if drive letters were changed or drives were re-sized on the computer since the time of a snapshot, then you cannot roll the computer back to this point. You cannot roll back a Windows 2000/XP protected computer that uses disk volume sets, stripe sets, or fault-tolerant drives. Performing a rollback could cause some evaluation software to claim that it has expired, preventing further use of the software. Before rolling back a computer, Recovery Solution automatically runs a Full System Snapshot of the computer to ensure that the most recent files are protected. After the rollback, the user can restore any needed files that were overwritten by the rollback. If you do not need the extra level of data protection (Example: if the protected computer’s current data is already backed up somewhere) you can prevent the snapshot from running. To do so, modify the protected computer’s Windows registry to add or edit the following value: HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\eXpress\Recovery Solution Agent\NoSnapshotRollback This is a DWORD value that should be set to either 0 (meaning the snapshot will be performed) or 1 (meaning the snapshot will be skipped). For additional rollback help, see Rollback Troubleshooting on page 224. Recovery Solution Reference Guide 122 To roll back a protected computer 1. Before starting a rollback, you should ensure that there are no other programs open on the protected computer. Recovery Solution automatically runs a Full System Snapshot before the rollback starts (unless you have turned that option off), so closing all programs helps to ensure that the latest versions of all data files are protected. 2. From the Task tab of the Resource Manager, click Rollback... 3. Select a snapshot to return the protected computer to that point in time. Only Full System Snapshots are listed. If any date and time settings are different between the computer and the server, some older snapshots might not be available for rollback. To see all available snapshots, the following settings must be identical on your computer and the server: the date and time, the time zone, the state of the option to automatically adjust the clock for Daylight Savings Time (whether this option is on or off). The snapshots affected by the Server Space Management job or containing some corrupted data removed by the Integrity check job are not displayed. The snapshots performed before applying a critical patch and from previous Recovery Agent installations (performed before upgrade or reinstallation with an existing account) will not be displayed on the server’s Rollback dialog unless you enable the Show critical snapshots and snapshots from previous RS Agent installations option. This will not display previous snapshots on the client's Rollback dialog. You can show snapshots from a previous Recovery Agent installation, but it is not recommended. Notes If the protected computer previously had Microsoft Office 97 installed but upgraded to Microsoft Office 2000, you should try to avoid rolling back the computer to a point in time when Office 97 was installed. This might cause some Office files to be restored incorrectly. If you must do this, you might need to reinstall Office 2000 after the rollback is complete. If any date and time settings are different between the protected computer and the server, some older snapshots might not be available for rollback. To see all available snapshots, the following settings must be identical on the protected computer and the server: (1) the date and time; (2) the time zone; (3) the state of the option to automatically adjust the clock for Daylight Savings Time (whether this option is on or off). 4. Select the items to restore. Note If rollback is performed using a snapshot from an earlier version of Recovery Solution, then after the recovery is complete, Recovery Agent must be reinstalled on the protected computer with the user’s existing account. Recovery Solution Reference Guide 123 Restore system and application files only: Choose this option to restore only those files required to run the operating system and installed applications. User data files are not restored. Note Recovery Solution determines if a file is considered “user data” by looking at the file extension. The list of user data file extensions is specified on the Rollback Data tab of the protected computer’s properties. All file extensions not listed here are considered to be system or application files, and are restored during any type of rollback. (The configuration of rollback data is available only to administrators through the console, not to protected computer users.) It is not always obvious from a file’s extension whether the file is a system file or a data file. Example: the .DAT file extension is used by some applications to store information that is actually part of the program, while other applications use it to store options or cached data, and still others use it as a default file extension for data files created by users. Before you start a rollback of system files only, you should examine the list of user data file extensions to be sure that they match the set of files that you consider to be user data. By default, Recovery Solution considers most files to be system data. This is done to ensure that the system works properly after the rollback. However, you might want to add data file extensions to the user data list (thereby preventing the rollback of these files) for the following reasons. z Files that are not excluded from the rollback are overwritten if an older version exists in the snapshot. z Excluding files that do not need to be rolled back means that the rollback can be completed in a shorter amount of time. Here are some examples of additional data file types you might want to specify. *.bmp (bitmaps) *.htm (HTML files) *.mp3 (compressed sound files) *.nsf (Lotus Notes mail files) *.txt (text files) *.wav (sound files) *.zip (compressed zip files) Restore all files (including your data files): Choose this option to restore data files as well as program files. All of your applications and settings will be returned to their previous state, and all of your data will be restored. Caution This option overwrites data files as well as program files. Some of your files might be overwritten with older versions. Recovery Solution Reference Guide 124 Roll back master boot record Click Roll back master boot record if you want to restore the computer’s master boot record and the boot sectors of all primary partitions. The master boot record is necessary to start Windows. It contains information about the computer’s disk partitions and passes this information along to other programs in order to start the computer. The partition tables themselves are not rolled back by Recovery Solution, but the program that reads the partition information is. You might want to roll it back if you suspect that it has become damaged or infected by a virus. Note Some virus protection programs, such as Norton Antivirus 5.0, have an option to protect the computer’s boot code. If the protected computer has Norton Antivirus installed with this option turned on, and the master boot record has changed since the time of the snapshot being restored, then during the rollback Norton Antivirus prompts the user to accept or reject the rollback changes to the master boot record. Whether the user decides to accept or reject the change, the rollback continues normally but does not restore either the master boot record or the Windows registry. Caution If the file system of a drive has been changed since the snapshot selected for rollback (Example: from FAT to NTFS), then the drive’s boot sector is not restored during rollback. This could cause the drive to become unbootable after the rollback is complete. Enable Rollback file deletion Click Enable Rollback file deletion if you want to delete protected computer files that are not present in the snapshot you are rolling back to. Which files get deleted depends on what you choose to roll back. If you roll back only system and application files, then only system and application files that are not present in the snapshot are deleted. If you do not choose this option, no files are deleted during the rollback. Note You can set a default value for this option for each protected computer in the protected computer’s properties (Rollback Data tab). Note After the rollback is complete, a text file named DELETION.LOG, stored in the protected computer’s installation folder for Recovery Agent, contains information about which files were deleted. 5. Select the rollback method. Recovery Solution Reference Guide 125 This selects the method you want to use to determine whether or not files have changed. An item is restored only if it is different from the protected copy on the server. Check file properties only (faster) Choose this option if you want Recovery Solution to check the properties (size, date/time) of each file to determine whether or not it has changed. If any of these file properties are different for the file on the protected computer than they are for the protected copy on the server, the file is restored. If all file properties are the same, the file on the protected computer is assumed to match the protected copy, and restoration of that file is skipped. Although unlikely, it is possible that two files can have the same file properties but contain different data. If you want to ensure that such files are restored, click Check all file data (more thorough). Check all file data (more thorough) 6. Choose this option if you want Recovery Solution to check the contents each file to determine whether or not it has changed. This is a more thorough method than checking only the file properties, but if you choose this option, the rollback might take considerably longer. Click Ok to begin the rollback. Notes If you are rolling a computer to a state where protected files must be replaced, a Windows File Protection message may appear on the protected computer. If there is a user at the protected computer, the user should either cancel the prompt to restore files (choosing to keep the existing files), or simply ignore the prompt altogether. Certain error conditions that cause the rollback not to succeed might not report that condition back to the console. If the rollback seems to be running for an excessively long time, you should check the protected computer itself to see if any errors have occurred. An administrator can cancel the job from the console job queue. Depending on the files restored, the protected computer might need to be restarted at the end of the rollback process. If the protected computer’s drive configuration has changed since the time of the snapshot to which you are rolling back, then the old drive configuration is restored, but it is possible that one or more drives contains no data. To restore the data, perform a second rollback to the snapshot you chose for the first rollback. Temporary folders might have to be recreated manually. These are usually not included in snapshots and are therefore not restored to the protected computer. Certain applications might require the existence of temporary folders before they will work properly. In versions of Windows that include the System Restore feature, Recovery Solution creates a restore point before starting the rollback. Recovery Solution Reference Guide 126 Perform a Snapshot Now This option lets you start a snapshot of a protected computer without affecting its schedule (a snapshot still runs at the next scheduled time). 1. From the Task tab of the Resource Manager, click Snapshot Now. 2. Specify the snapshot type. 3. Select the path to take a snapshot of. 4. To change the path, click the pencil icon. 5. Click OK. Manage Agent Setup Packages Using this utility the administrators can modify what files and get installed on the Protected Computer at time of install. A common uses is installing custom corporate splash screen. To perform recovery-based tasks on a computer using the Resource Manager 1. Open the Altiris Console by clicking Start > Programs > Altiris > Altiris Console. 2. Click the Tasks tab 3. Select the Tasks > Incident Management > Recovery Solution folder. 4. Click the Manage Agent Setup package policy. 5. Download the application ASPack Utility by clicking on the link. 6. Execute ASPack. 7. Enter the location of the package. The default path for the Recovery Agent Solutions Setup files is C:\Program Files\Altiris\Notification Server\NSCap\Bin\Win32\X86\Recovery Agent Package 8. There are two files that can be modified: AgentSetup.exe and Data1.cab. 9. Select if you want to overwrite the source package. If you clear this box, enter a location and filename of the new package. 10. Select the action to perform for AgentSetup: you can only modify the package files Data1.cab: you can modify the package files or change the client splash screen. 11. Click Start. 12. Add and delete files as needed and click Finish. Recovery Solution Reference Guide 127 Chapter 7 Advanced Snapshot and Recovery Procedures This section describes procedures for performing certain types of advanced snapshots and recoveries. These are procedures that are likely to be performed by an administrator or to involve administrator assistance to users. Normal data protection and recovery of typical workstations should not require these procedures. Ordinarily, Recovery Solution performs snapshots according to a set schedule (see Configure Snapshot Settings on page 78). This section describes the following procedures: z Convert Encrypted Files on FAT Partitions (page 128) z Restoring a User’s Data to a Different Computer (page 129) z Full System Recovery (page 131) z Using the Snapshot Command-Line (page 147) z Using RSACmd.exe Utility (page 152) Convert Encrypted Files on FAT Partitions A user can restore encrypted files on FAT partitions. Because these files are restored in raw encrypted form, the user cannot read them. To convert restored files from the raw encrypted form into the regular encrypted form, the user can use the EFSCONV utility. After the files are converted, the user can access the converted files, but only if they had access to the files before the backup. EFSCONV can be used to convert raw encrypted files restored by Web-based File Recovery. EFSCONV can also be used when the Recovery Agent failed to apply the “encrypted” attribute to a restored file (Example: when there is not enough space to create the regular encrypted file). In this case the restored file remains in raw encrypted form and the user can use EFSCONV to convert it to the regular encrypted form. Efsconv.exe is located on the Recovery Solution Server at C:\Program Files\Altiris\Recovery Solution\Console. You can also access it through the Altiris Console on the Tasks tab under Tasks > Incident Resolution > Recovery Solution > Convert Encrypted Files on FAT Partitions. To Convert Encrypted Files on FAT Partitions 1. Restore encrypted files to a FAT partition, or use the Web-based File Recovery. 2. Enter the following command at the command prompt: EFSCONV.EXE <restored raw file path> <destination file path> Note The destination path must be on the NTFS partition. Recovery Solution Reference Guide 128 Restoring a User’s Data to a Different Computer The following options are available for restoring a user’s data to a different computer. z Web-Based File Recovery (page 129) z Reinstall Recovery Agent Using the Same Account (page 129) z Restoring Data with the Migration Utility (page 130) z Restoring Data From Full System Recovery Media (page 146) Note Members of AeXRS_Managers group created during cluster setup can restore user data using Web-Based File Recovery and the Migration utility for any protected computer. Web-Based File Recovery Users can recover files over the Internet by browsing to a Web site located on the server for Recovery Solution. This allows users to access their protected data from any location, not just from computers that have Recovery Agent installed. For information about using Web-Based File Recovery, see Using Web-Based File Recovery (page 57). Note Using Web-Based File Recovery, you cannot restore file and directory data from symbolic links and junctions ("soft links"). Reinstall Recovery Agent Using the Same Account If the installation is done using an existing account, the user will have access to all previous snapshot data. Note With Windows domain security, multiple computers being protected by the same server can use the same NT account. However, if installation using the same account is done on a new computer, make sure that the new computer has a unique computer name. For more information on how to re-install the Recovery Agent, see Interactive WebBased Agent Setup Wizard (‘Pull’ Installation) (page 53). For specific information on how to install the Recovery Agent using an existing account, see Reinstalling the Recovery Agent using an Existing Account on page 57. After the agent has been re-installed, you can view files from previous installations. To view files from previous installations 1. On the protected computer, open the Recovery Agent Options dialog box 2. Click the Snapshot and Restore tab. 3. Click Restore Files. 4. Click Advanced Selection. 5. In Windows Explorer, click View > Recovery Solution Versions > Snapshots From Previous Installations. Recovery Solution Reference Guide 129 Restoring Data with the Migration Utility You can use the Migrate utility to restore data to a computer other than the one from which it was protected. Users can restore data to or from any computer on the network that is accessible with their domain user account. The ability to restore to alternate destinations makes the migrate utility very versatile. Use the utility to do the following: z Restore data to a new or upgraded computer. z Restore data to alternate media, such as a CD-ROM. Example: you can restore to a computer connected to a storage device such as a CD-ROM writer. Then use the CD-ROM writer software to write to the CD-ROM. This can be useful if the user is offsite and you need to ship data from the user’s desktop. Note This utility allows you to migrate only data files. If you need to migrate a user’s entire system, including all application settings, you should use the full migration feature instead. To run the Migrate utility 1. Download the program AeXMigrt.exe. The migrate utility, AeXMigrt.exe is located on the Recovery Solution Server at C:\Program Files\Altiris\Recovery Solution\Console. You can also access it through the Altiris Console on the Tasks tab under Tasks > Incident Resolution > Recovery Solution >Restore Data with the Migration Utility. 2. At the user’s computer, do the following. Ensure that Recovery Agent is installed. Ensure that the user is logged on appropriately. If this user has originally installed the Recovery Agent, then he or she will not be prompted to log on. Otherwise, this user will need to log on and supply a domain name as well. 3. Copy AeXMigrt.exe from the floppy to the hard drive of the destination computer and run it. 4. In the dialog box that opens, enter the user’s logon information. 5. Click OK to continue. A dialog box shows all of the user’s snapshot data. Use the dialog box to select folders or files for restore and specify a location on the destination computer. If the user ran snapshots on more than one computer, each computer appears in the dialog box. 6. When the restore is complete, remove the floppy from the destination computer and delete AeXMigrt.exe from the computer’s hard drive. Recovery Solution Reference Guide 130 Caution Protect network security. Do not leave the utility on a user’s computer. The utility is for use when you need to restore data from a different protected computer, but with this capability, users might access data that you do not want them to. Failure Messaging If a failure occurs during a restore, information is provided in a log file. The log file is stored as C:\Program Files\Altiris\Recovery Soluiton Agent\Data\ CRA_Restore_<date of the restore>.log. You can open the log file in a text editor. Migrating a User to a New Computer Altiris provides a way to migrate user accounts, computer settings, and files through Altiris® PC Transplant Pro™. For more information, see www.altiris.com/products/ pctransplantpro/. Full System Recovery When other recovery methods are not possible, you can use Full System Recovery to recover an entire protected computer using CD/DVD-ROMs, PXE, and USB media. This section explains how to create Full System Recovery images and use Full System Recovery in server-based mode. z Full System Recovery Overview (page 131) z Full System Recovery Setup (page 133) z Full System Recovery Disk Creation (page 134) z Full System Recovery Using PXE (page 139) z Full System Recovery from USB Media (page 139) z Running Full System Recovery (page 143) z Restoring Data From Full System Recovery Media (page 146) z Erasing the Partition Table (page 146) Note Full System Recovery is also available for protected computers running Local Recovery Agent. For details, see Full System Recovery Options (page 54). Full System Recovery Overview Use Full System Recovery when other recovery methods, such as file restore and rollback, cannot be used. Full System Recovery restores an entire protected computer to the state it was in at the time of a Full System Snapshot that you choose. The operating system itself is recovered, as well as all applications, settings, and data files. This includes disk partitions and volumes and the restored disk must be either the same size or larger. The main reason to use Full System Recovery is if a protected computer is damaged to the point that it cannot even start Windows. However, you might also use Full System Recovery from to recover notebooks or other computers that do not have a fast Recovery Solution Reference Guide 131 connection to the network. For those computers, alternatives such as rollback might take too long. See also: z Full System Snapshots Are Necessary for Full System Recovery (page 132) z What Happens During Full System Recovery (page 132) z Constraints of Full System Recovery (page 132) Full System Snapshots Are Necessary for Full System Recovery To ensure Full System Recovery protection, computers must have periodic snapshots with the Full System Snapshot option selected. The other snapshot type, Partial snapshot, does not provide Full System Recovery protection. In addition, you should make sure that snapshots include all files necessary to start the protected computer. Although boot and system drives are always included in Full System Snapshots and cannot be removed, it is possible that some files required to start specific drivers, services, or applications could be stored on other drives. Unless you have a good reason for excluding a particular drive, you should ensure that schedules include all protected computer drives. For instructions on scheduling snapshots, see Configure Snapshot Settings on page 78. What Happens During Full System Recovery While most users can manage ordinary recoveries of their own data files, Full System Recovery does require some administrator involvement. If a computer fails, the typical Full System Recovery process is the following. 1. The administrator creates a set of Full System Recovery disks. 2. The administrator or the user starts Full System Recovery by restarting the protected computer with the Full System Recovery disk. 3. User input is required to initiate the DOS part of a FSR (except for Full System Recovery from USB media), authentication is required to start the file recovery, and a restart is required at the end of the FSR. Recovery Solution performs the following steps during Full System Recovery. z Partitions and formats the hard disk drives. z Restores the basic operating system and settings. z Restores the remaining data. Constraints of Full System Recovery The following are conditions that must be met in order to successfully perform Full System Recovery. z Full System Recovery can be performed from a Full System Snapshot that was done using previous versions of Recovery Solution. To use snapshots from earlier versions (back to 3.2), you must add all the user data to the CD/DVD-ROM image set. Recovery Solution Reference Guide 132 z Drives formatted with the NTFS file system are always recovered with the default allocation unit size of 512 bytes, regardless of the allocation unit size the drive originally had. z Full System Recovery cannot be performed on a protected computer running disk compression software (such as DriveSpace or Stacker). z Full System Recovery cannot be performed on a Windows 2000/XP protected computer that uses dynamic disks. For a list of RAID adapters certified for Full System Recovery, see Hard Disk Support on page 297. z In general, Full System Recovery can only be performed on the same protected computer from which the Full System Snapshot was performed. In some cases Full System Recovery can be performed on a computer that is not the same as the originally protected computer, but there are limitations. Specifically, the recovered computer must match the originally protected computer in the following ways. The hard disk adapter types must match. Example: if the original computer had an IDE hard disk adapter, the recovered computer cannot have a SCSI hard disk adapter. The network adapter cards must match. The drivers required to run the hardware must match. The hard disks on the recovered computer must be large enough to hold the protected drives; during Full System Recovery, Recovery Solution cannot separate files that were originally stored on the same drive. z Full System Recovery cannot re-create RAID configuration. So, before starting the Full System Recovery on a computer with RAID, you must ensure that the configuration is correct, or manually recreate the RAID configuration to be the same as it used to be at the time of the snapshot selected for Full System Recovery. z The trial periods of shareware applications (like PerfectDisk, for example) can expire after Full System Recovery because of the license violation prevention mechanisms these applications use. z Full System Recovery can be performed only with the same keyboard and mouse, which were used during snapshot selected for Full System Recovery. For example, Full System Recovery will not work if PS2-compatible mouse and keyboard were used during snapshot, but during FSR USB-compatible mouse and keyboard were attached. Full System Recovery Setup Caution The most important step you can take to prepare for Full System Recovery is to ensure that all protected computers have regular Full System Snapshots scheduled. Partial snapshots do not provide Full System Recovery protection. For instructions on scheduling snapshots, see Configure Snapshot Settings on page 78. You must also create a folder for storing FSR images and share that folder. Example: \\servername\FSRShare. See also: Items You Need at Recovery Time (page 134). Recovery Solution Reference Guide 133 Items You Need at Recovery Time You need to have the following items ready when you run Full System Recovery. z Hardware and software required to create CDs or DVDs (for Full System Recovery from CD/DVD) Recovery Solution does not create CD/DVD-ROMs for you. You must create CD/ DVD-ROMs from the Full System Recovery images before you can recover the protected computer. z z 1 blank or reusable 3.5" 1.44 MB diskette (if the protected computer cannot boot from CD-ROM or DVD) Make sure that the disk is blank or that you do not need any of the existing data on it. When the Full System Recovery is complete you no longer need the disk, so you can reuse it for future recoveries. CD-ROM or DVD driver (if the protected computer cannot boot from CDROM or DVD, and its CD-ROM or DVD drive has a SCSI interface) for Full System Recovery from CD/DVD. The boot diskette supports most EIDE CD-ROM drives automatically. If the protected computer has a SCSI CD-ROM drive that requires drivers to be loaded before it can be accessed, you must add the drivers to the boot floppy disk. For more information, see Full System Recovery Disk Creation on page 134. Full System Recovery Disk Creation Creating the CD-ROMs or DVDs for Full System Recovery is usually a simple procedure. You can create the disks at the time you need to run Full System Recovery. To create Full System Recovery media 1. In the Altiris Console, select any protected computer. a. Example: Click the Configuration tab. In the left pane, select Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Agent Settings folder. b. Click the Computers with Recovery Agent installed to cluster collection. c. Double-click a computer in the collection. The resource manager for the computer opens. d. Click the Tasks tab. e. Click Create FSR Image. Notes Your browser must be set to run ActiveX applets. If the Altiris Web site is configured to require SLL, to use the Full System Recovery Wizard, you must either clear the Require SSL checkbox before downloading the Wizard ActiveX component or use the Altiris Console from the computer where Notification Server has been installed. You can also right-click the computer in the collection and select Recovery Solution Tasks to access a list of recovery tasks. In this case, right-click the Recovery Solution Reference Guide 134 computer and click Recovery Solution Tasks > FSR Tasks > Create FSR Image. 2. Click Specify path. 3. Specify the share location where Full System Recovery images will be stored (see Full System Recovery Setup on page 133). 4. Click Ok. 5. Click Run FSR Wizard. 6. Click an item from the Snapshot date drop-down list. The snapshot you choose determines which versions of the protected computer’s files are restored. To ensure that the most recent data is restored, choose Use latest snapshot data available at restore time. Notes The Snapshot date list does not include snapshots that are missing files due to server space management and snapshots containing corrupted data (in case this data was removed during Integrity Check job). If any date and time settings are different between the protected computer and the server, some older snapshots might not be available for Full System Recovery. To see all available snapshots, the following settings must be identical on the protected computer and the server: (1) the date and time; (2) the time zone; (3) the state of the option to automatically adjust the clock for Daylight Savings Time (whether this option is on or off). Full System Recovery can be performed from a Full System Snapshot that was done using previous versions of Recovery Solution. When you use snapshots from earlier versions, all user data will be included in the image. 7. Under FSR media capacity, specify the type of media you are using. 8. (Optional) To do the entire recovery from CD-ROM or DVD, select Include all user data on CD-ROM. Select this option if you want to do the entire recovery from CD-ROM or DVD. Otherwise, only the temporary operating system is stored on the CD-ROM or DVD, and Recovery Solution will connect to the server to restore the remaining data. Note Make sure that the network share for Full System Recovery has free disk space equal to the total size of the CD-ROM or DVD images plus the maximum amount of data for a single CD-ROM (up to 750 MB) or DVD, depending on the capacity of your blank media. Choosing this option makes the Use latest snapshot data available at restore time option equivalent to simply choosing the snapshot with the latest date from the list. If all the data is included on the CD-ROM or DVDs, Recovery Solution does not connect to the server during Full System Recovery. 9. (Optional) Password protect the image. If you include all the user’s data on the CD-ROM or DVD, select the Password protect CD-ROM. This prevents anyone from browsing the CD-ROM or DVD Recovery Solution Reference Guide 135 contents and restoring files without performing Full System Recovery. Note that if only the temporary operating system is stored on the CD-ROM or DVD, this option is not available; at recovery time, the user must log on to the server to restore the remaining data anyway. a. Select the Account name. The is the domain account name of the user. b. Enter and confirm the account password. 10. Edit image description. You can edit the Image description field if you want to find this temporary operating system image later. 11. (Optional) Create boot floppy disk. If the protected computer is unable to start from CD-ROM or DVD, you can create a boot floppy disk. a. Modify the boot floppy image. You can add, delete, or edit the files that will be placed on the boot disk. To modify the image, click Modify Boot Floppy Image. SCSI CD-ROM Drivers The Full System Recovery boot floppy provides broad support for EIDE CD-ROM drives. However, if a protected computer uses a SCSI CD-ROM drive, a driver for that particular SCSI controller must be added to the Full System Recovery boot floppy. Which DOS SCSI driver (also known as “ASPI Manager”) to use depends on the manufacturer and model of the SCSI controller. Generally, adding DOS SCSI drivers to the Full System Recovery boot floppy involves the following: Determine which SCSI driver to add to the boot floppy. Adaptec DOS SCSI drivers and information are available from Adaptec’s FAQ page, at http://www.adaptec.com/worldwide/support/faqindex.html. LSI Logic (maker of Symbios brand products) provides DOS SCSI drivers and information on its web site, http://www.lsilogic.com/support/index.html. Many other SCSI controller manufacturers also provide DOS SCSI drivers for the products on their web sites. In the root directory of the Full System Recovery boot floppy, locate the config.sys file. In that file, you will need to replace the EIDE CD-ROM driver information with the necessary lines to install the DOS SCSI CD-ROM drivers. Replace the line DEVICE=OAKCDROM.SYS /D:mscd001 as follows: For the Adaptec 2940U/UW controller: DEVICE=A:ASPI8DOS.SYS /D DEVICE=A:ASPICD.SYS /D:mscd001 For the Symbios SYM53C8XX line of SCSI controllers: DEVICE=C:[PATH]ASPI8XX.SYS DEVICE=C:[PATH]SYMCD.SYS /D:mscd001 Recovery Solution Reference Guide 136 Note Microsoft’s CD-ROM Extension “MSCDEX.EXE” is added automatically to the Full System Recovery boot floppy and set to execute from the “AUTOEXEC.BAT” file, with the line LH MSCDEX.EXE /D:mscd001. Note that the device name “mscd001” matches the device name given with the /D switch used when loading the DOS SCSI drivers above. b. Insert a blank or removable 1.44 MB 3.5-inch floppy disk. c. Click Create Boot Floppy Disk. 12. Check temporary operating systems settings. When you choose a snapshot, Recovery Solution immediately checks the protected data to verify that it contains the information required to run Full System Recovery. Temporary operating system During Full System Recovery, Recovery Solution starts by installing just enough of the protected computer’s operating system to run Recovery Agent and securely communicate with the server. This temporary operating system consists mainly of files that Recovery Solution has detected as being required to start the protected computer. This set of files should be sufficient to start the computer. However, you have the option to add files from the protected computer’s snapshot to its temporary operating system. Click the Advanced button in the Protected Computer Settings area if you want to modify it, and then click Modify temporary OS contents. Note Make sure the temporary operating system fits on a single media (Example: one 650 MB or one 4GB DVD) . Otherwise, Full System Recovery will not succeed. The Protected Computer Files file tree shows all of the files contained in the Full System Snapshot that you are recovering. The files with red check marks are included in the temporary operating system image. The folders with red check marks each contain one or more files that are included in the temporary operating system image. The green files and folders without check marks were added manually. The Temporary Operating System file tree shows all of the files currently contained in the temporary operating system that Recovery Solution will use to start the computer during Full System Recovery. Note If the protected computer had an LMHOSTS file specifying network access configurations, verify that this file is included in the list of temporary operating system files. Inclusion of this file ensures that the protected computer will retain its network configuration during recovery. Use the Add and Remove buttons to modify the temporary operating system. You can select multiple items by holding down the CTRL (1 item at a time) and/ or SHIFT (range of items) key while making your selections. Choose Reset Image to put the temporary operating system image back to the default set of files detected by Recovery Solution. 13. You can also modify the following options in the Advanced settings dialog: Recovery Solution Reference Guide 137 Don’t restore the partition table and don’t format the volumes if they’re already formatted Enabling this option may be useful in case Full System Recovery fails when recreating drives structure. See Using Full System Recovery Without Formatting Drives Option (page 145). Don’t delete source files after the ISO files creation Enabling this option may be useful in case the administrator wants to perform Full System Recovery from PXE or USB media. Don’t use compression in temporary OS CAB files Enabling this option may be useful in case data copying from FSR media fails in DOS mode. 14. Click OK to close the Advanced settings dialog window. 15. Click Start to begin creating the Full System Recovery disk. Progress information appears in the window as the disk is created. Note During this process, Recovery Solution creates large image files on the server. If you cancel the process, the files already created are not automatically deleted. You should delete them manually to conserve disk space. 16. Choose one of the following options to write Full System Recovery images to CD/ DVD-ROM. Use a CD/DVD writer on a computer from which you can access the shared network folder for Full System Recovery. You need to find the image within the shared folder. Within the main folder you should see a folder with the name of the server. Beneath this are folders that have names in the format Computer_xxxx.IMG, where Computer is the name of the protected computer you are creating the CD/DVD-ROMs for, and xxxx is a number indicating the snapshot used (sequential from the oldest one on the server). The folder contains an ISO image file for each CD/DVD-ROM in the set. Copy the images from the shared network folder to a location from which you can write it to a CD/DVD. You can do this from the Altiris Console. Select the protected computer, and from the Action menu or the context menu, click Full System Recovery, then Manage Images. Select the one you want, then click Copy To to copy the image to another location. Note Depending on the size of the image, the copying process could take a long time. When the folder is accessible to your CD/DVD writer, you can begin making the CD/ DVD-ROMs. You can use any standard CD/DVD writing software to create a CD/ DVD-ROM from the image file. Recovery Solution Reference Guide 138 Notes These files are CD-ROM images. To create CD-ROMs from these images, you must use the feature of your CD writing software that is specifically designed to extract the image information from a standard .ISO file and write it to a CD-ROM. The option is typically called something like “Create CD From Image File.” If you simply copy the file to the CD-ROM, it will not work for Full System Recovery. Some CD-ROM drives might not be able to read CD-ROMs that have not been finalized (or “closed”). This happens frequently with older NEC drives.* If you encounter problems such as error messages claiming that files or folders cannot be found, or if you find that the data on the CD-ROM cannot be browsed or manually restored, you might need to ensure that you finalize the discs in your CD writing software. The easiest way to do this is to create the CD-ROMs using the “disc-atonce” option. * Information courtesy of Andy McFadden’s CD-Recordable FAQ (http:// www.cdrfaq.org). Full System Recovery Using PXE Recovery Solution integrates with Deployment Solution 6.5 and lets administrators perform a Full System Recovery using PXE (Pre-Boot Execution Environment) over network without physically attending the problematic computer and burning any Full System Recovery CD or DVD-ROMs. Instead, the Full System Recovery data is accessible through a network share. For information on how to configure the Full System Recovery and PXE, see Article # 18934 in the Altiris Knowledgebase. Full System Recovery from USB Media Universal Serial Bus (USB) is the standard for connecting additional equipment to your computer, like printers, scanners, webcam's, digital camera's, keyboards, mouse, hard disks, etc. One of these devices is the so called thumbdrive, keychange disk, USB pen, or flash drive etc. whatever you want to call them. You can use one of those as well as USB hard disk drives to boot the protected computer and perform Full System Recovery similarly as you would with the Full System Recovery CD/DVD. Full System Recovery from USB media can be particularly useful for recovery of protected computers which do not have a CD/DVD-ROM drive. Unlike Full System Recovery from CD/DVD-ROM, using the USB media for the same purpose requires specific preparation steps to be manually performed by the user. Note “Include All User Data” option is not supported for Full System Recovery from USB. Only basic operating system (Mini OS) image can be restored from USB media. Requirements for Full System Recovery from USB media These are requirements for Full System Recovery from USB media. z The USB media must be bootable (most USB flash drives and hard disk drives are compatible). z BIOS on target computer must support booting from a USB device. Recovery Solution Reference Guide 139 z USB drive must be properly formatted as bootable FAT16 partition before it can be used as Full System Recovery media. z Full System Recovery floppy content and source Mini OS files (Full System Recovery image content) must be copied to the USB drive and specially modified. z The selected snapshot size plus the size of Full System Recovery floppy files cannot exceed 2GB (FAT16 partition limitation). Note Full System Recovery from USB media process is the same as the original Full System Recovery from CD/DVD-ROM. The only step that is omitted is the 30-second timeout at start-up when Full System Recovery prompts the user to press any key to initiate Full System Recovery, since the USB bootable media is not formatted by the Recovery Console Full System Recovery Wizard. See also: Preparing the USB media for Full System Recovery (page 140). Preparing the USB media for Full System Recovery To prepare the USB media for Full System Recovery take the following steps in order: 1. Create the Full System Recovery boot floppy disk (page 140) 2. Create the Full System Recovery source files (page 140) 3. Format the bootable USB media (page 141) 4. Copy the Full System Recovery content to USB media (page 141) Create the Full System Recovery boot floppy disk Create a bootable Full System Recovery floppy. For information, see Full System Recovery Disk Creation (page 134) step 11. Create the Full System Recovery source files For Full System Recovery from USB media, we need the temporary Full System Recovery image source .CAB files created by Full System Recovery Wizard at run time. The files are created in the Full System Recovery image location (see Full System Recovery Setup on page 133) subfolder when the ISO image is compiled. Configure the Full System Recovery Wizard with the following options and run the image creation process (for details, see Full System Recovery Disk Creation on page 134). 1. Choose the required snapshot. 2. Select “CD 650MB” for FSR Media Capacity. 3. Clear the Include all user data on CD-ROM checkbox. 4. Set the Don’t delete source files after the ISO files creation check box in the Advanced settings dialog of Full System Recovery Wizard to keep the source files after the Full System Recovery image is created. 5. Click Start. Tip The Full System Recovery souce files can also be obtained from the ISO image file using a third-party ISO extraction utility. Recovery Solution Reference Guide 140 Format the bootable USB media Format the USB hard disk or flash drive as a bootable FAT16 DOS partition (2GB maximum) manually or by using a third-party tool. Note Altiris Recovery Solution does not format the USB media. You must buy or find a freeware tool for it. Examples: z For HP Drive Key or DiskOnKey USB Device, use Windows-based format utility found at http://h18000.www1.hp.com/support/files/serveroptions/us/download/ 20306.html. z Use the FlashBoot utility (http://www.prime-expert.com/flashboot/). This utility supports formatting of both USB hard drives and memory sticks, performing all the steps that are required to make it bootable. z Format the USB media manually (for example, see http://www.weethet.nl/english/ hardware_bootfromusbstick.php). Both methods let you create a bootable USB media with the boot OS (Free DOS, MS-DOS, Caldera DOS etc.). Copy the Full System Recovery content to USB media 1. Copy all files, except system files, from the Full System Recovery floppy into the root folder of USB media. The following files are required (highlighted on the picture). autoexec.bat config.sys display.sys ega.cpi keyb.com mode.com pclean.exe readme.txt restore.dat rndm_dr.exe strings.ini vdisk.sys Recovery Solution Reference Guide 141 2. Modify and save the AUTOEXEC.BAT, CONFIG.SYS and RESTORE.DAT files (for example, using Notepad application) in the USB media root folder. a. AUTOEXEC.BAT. Remove all references to MSCDEX.EXE, Nwcache.exe and hardcoded paths. The file must look as follows: @echo off mode con codepage prepare=((437)ega.cpi) mode con codepage select=437 rndm_dr.exe b. CONFIG.SYS. Remove all references to oakcdrom.sys driver. The file must look as follows: files=30 lastdrive=z DEVICE=Vdisk.sys 4096 512 128 /E:8 /X DEVICE=DISPLAY.SYS CON=(EGA,,1) c. RESTORE.DAT. Adding “USBFSR=1” line. The file must look as follows: CD=1 FLOPPY=1 USBFSR=1 3. Copy the following Mini OS source files (created at Create the Full System Recovery source files on page 140) into the root folder of USB media as is — no other modifications needed: DISK1 (folder) Browse CD.cds FLOPPY.IMG Readme.txt Recovery Solution Reference Guide 142 Finally, the USB drive content should look similar to the contents of the USB drive F on the picture (Free-DOS was used in this example, MS-DOS or Caldera DOS can be used as well) Running Full System Recovery Before running Full System Recovery, ensure that a snapshot is not scheduled for the day. Otherwise, it could run during Full System Recovery and interfere with the process. Then, run an integrity check job to ensure that the database is refreshed before recovery starts. Note By default, performing a Full System Recovery will reformat the computer’s hard dive. If the computer has data that is not part of a snapshot, and you want to preserve the data, you can run the Full System Recovery without formatting the hard drive. For more information, see Using Full System Recovery Without Formatting Drives Option (page 145). To run a Full System Recovery 1. Turn the computer off. Note It is important to turn the computer off rather than simply restarting it. When you turn the computer off, all of the memory is cleared, which helps ensure that you will not run into memory problems when you boot from the Full System Recovery disk. 2. Insert the first disk or CD-ROM in the recovery set (if you are using a disk, make sure the disk is not write-protected) or insert the USB media into the slot and turn the computer on. Recovery Solution Reference Guide 143 Notes Some Toshiba computers cannot be recovered by booting from the floppy disk. For Toshiba computers, insert the first CD-ROM, then press the C key during bootup to force the computer to boot from the CD-ROM. Booting from the CD-ROM is the preferred solution for Toshiba computers, since it can take up to half an hour to boot from the floppy disk. Important In case of Full System Recovery from USB media, the computer BIOS must be configured to boot from the USB device. 3. A confirmation prompt with a countdown appears. To boot from Full System Recovery disk and begin the recovery, press any key. If you do not answer the prompt within the timeout period, the computer boots normally from the hard disk. To restart Full System Recovery, turn the computer off and back on again. Notes This confirmation prompt appears whenever the computer is started with Full System Recovery media in a bootable drive. For subsequent restarts during Full System Recovery, you should either remove the disks before the restart, or you should ignore the prompt and let the computer start normally. The confirmation prompt does not appear in case of Full System Recovery from USB media. 4. The Full System Recovery confirmation appears. To start the recovery, press F10. Recovery Solution partitions and formats the hard drives. It also installs the temporary operating system on the hard disk, and Windows Setup restarts the computer. This could take some time, depending on the size of the temporary operating system. Expect it to take up to 30 minutes for Windows 2000 computers. Note If the Full System Recovery fails in formatting the hard drives, see Using Full System Recovery Without Formatting Drives Option (page 145). 5. When prompted, remove the Full System Recovery disk. Recovery Solution restarts the computer and continues the Full System Recovery. 6. When prompted, you can choose to restore the remaining data either directly from the CD-ROM or over the network, from the Recovery Solution Server. If the data is not accessible from one of these places, the appropriate option is disabled, and you must choose the other one. 7. If you are recovering from a CD-ROM that is not password protected, Full System Recovery continues automatically after 30 seconds, or you can click OK to continue immediately. Otherwise, specify the account information according to the recovery data source: If you are restoring data over the network, specify the account information of any authorized Recovery Solution user. Recovery Solution Reference Guide 144 If you are restoring data directly from CD-ROM, specify the account information of the user the administrator selected when he created the recovery CD-ROM set for this computer. If the CD-ROM set has been password-protected, you will also need the password that was assigned to the CD-ROM set at that time. 8. Recovery Solution restores the complete snapshot to the protected computer (from the Recovery Solution Server or from CD-ROM), and restarts the computer. Note If there are a large number of files on the CD-ROM set, data restore might be very slow, and might appear to be making no progress for some minutes. In this case, Full System Recovery has not failed; the process is simply slow. 9. Temporary folders might have to be recreated manually. These are usually not included in snapshots and are therefore not restored to the protected computer. Certain applications might require the existence of temporary folders before they will work properly. Using Full System Recovery Without Formatting Drives Option If the Full System Recovery fails in formatting the hard drives, you can perform a Full System Recovery with a no-format option. You can also use this option to protect data that is not part of a snapshot. Caution If you decide to use the “No format” option, partitions must be formatted prior to running the Full System Recovery; otherwise, the recovery can fail leaving the computer in an unusable state in case the non-formatted partitions are incorrectly identified. Notes If you are using this option because the Full System Recovery failed, you should first manually re-format your hard drives and create a new system partition. The system partition that you create must correspond with the Windows system, which will be restored by Full System Recovery. The copying of the Mini OS under DOS cannot be performed on NTFS volumes. All partitions which contain Mini OS data should be reformatted as FAT or FAT32. The partitions will later be converted back to NTFS. This feature cannot be performed on FAT partitions larger than 2 GB, or on NTFS partitions larger than 2 GB. To run Full System Recovery without formatting hard drives 1. Complete the first four steps from To run a Full System Recovery (page 143). 2. Press and hold the Ctrl key during the boot from Full System Recovery media. 3. From the No format Full System Recovery menu, select to start Full System Recovery without formatting drives. After this, Full System Recovery will proceed as usual, but without drives formatting. Recovery Solution Reference Guide 145 Norton AntiVirus Notes If the protected computer has Norton AntiVirus installed, you may encounter the following errors during Full System Recovery. z If you begin Full System Recovery by restarting the protected computer with the Full System Recovery disk or CD-ROM inserted, Norton AntiVirus might claim that it detects a boot sector virus, even though there is not one. To work around the virus error, remove the disk or CD-ROM, turn the computer off, then restart the computer with the Full System Recovery disk or CD-ROM already inserted. z After Recovery Solution copies the temporary operating system files, you might see a Norton AntiVirus error regarding the file SYMEVNT.386. This happens because virus protection program files are not included in the temporary operating system. Press Enter to continue past this error and the Full System Recovery continues normally. z After Full System Recovery is complete, you might see a Norton AntiVirus warning indicating that security resources have been tampered with. You can safely close and ignore this error. z After Full System Recovery is complete, evaluation versions of Norton AntiVirus might claim that they are expired and stop working. Restoring Data From Full System Recovery Media A user can restore data directly from Full System Recovery CD/DVD-ROMs and other media. This method can be used to move files to a new or upgraded computer. Data can also be restored this way if a protected computer is functional but Full System Recovery is impossible or inconvenient. An administrator can ensure that the CD/DVD-ROM is password-protected, so only a user who knows the username and password that the files were protected under can retrieve them. To restore data from Full System Recovery CD/DVD-ROM 1. Start the computer in Windows. 2. Insert the CD or DVD-ROM that you want to restore your data from. 3. If Recovery Agent is not installed or is not working properly, run the CD/DVD-ROM file Disk1\Agent\CDViewer.exe to enable browsing of the image. You do not have to do this if Recovery Agent is still functional on the computer. 4. Open the file Browse CD.cds from the root folder of the media. 5. If prompted, enter the username and password that were used to protect the data. 6. Browse and restore drives, folders, and files from the CD/DVD-ROM as you normally would do using Windows Explorer. Erasing the Partition Table You may need to erase the partition table on a client computer if after a full system recovery converts partitions to NTFS, computer restarts, but does not boot. This symptom could occur when the partition information in a disk’s Master Boot Record (MBR) does not match the information in the disk controller. Recovery Solution Reference Guide 146 To fix the problem, you need to erase the partition table from the MBR. You can use the pclean.exe program installed with the console for this purpose. Pclean.exe is located on the Recovery Solution Server at C:\Program Files\Altiris\Recovery Solution\Console. You can also access it through the Altiris Console on the Tasks tab under Tasks > Incident Resolution > Recovery Solution > Erase Partition Table. To erase the protected computer’s partition tables 1. Boot the protected computer to DOS. To do this you can boot using Full System Recovery disks and then press N to cancel. 2. From the DOS prompt, run pclean.exe. 3. You will be prompted to enter disk numbers from which you want to erase the partition tables. If you know which disk is causing the problem, you can erase only that partition table. Otherwise, you might have to erase them all. 4. After you have erased the partition tables, restart Full System Recovery. Using the Snapshot Command-Line Ordinarily, Recovery Solution performs snapshots according to a set schedule. In some cases, however, you might want to take a snapshot of a computer as part of the process of running an application on the computer, in order to ensure that information changed by the application is protected in case of potential problems with the data later on. Example: if a user is updating a local copy of one or more central databases over the Internet and there are problems during the transmission of these files, it might be necessary to restore the local copies of the databases to their pre-transmission state and restart the update. But if some of the files are protected, it might be possible to restore later versions of the files and avoid re-transmitting much of the content. A command-line interface in Recovery Agent can be used to start a snapshot in these situations. To run it, include a call to the executable file install path\Altiris\Recovery Solution Agent\AeXCmd.exe in your application’s batch command file. You can also run this file manually from a DOS-style command prompt. AeXCmd.exe determines which data to protect as follows. 1. If the protected computer has remote access options configured for Recovery Agent, the files specified in the remote access options are included in the snapshot. 2. If no remote access options are defined, a Full System Snapshot is performed on all local drives. (There is no way to restrict the files being protected to those created by the application.) Note AeXCmd.exe runs manual snapshots. If additional snapshots are scheduled, they will still be performed. See also: z Scheduling Snapshots with the Command-Line Interface (page 148) z Command-Line Syntax (page 148) Recovery Solution Reference Guide 147 z Exit Codes (page 150) Scheduling Snapshots with the Command-Line Interface Under certain circumstances, you might want to schedule snapshots using the command-line interface instead of the protected computer’s properties. One reason for doing this is to be able to process additional commands just before or after running the snapshot, stopping services to ensure that important files are not locked during the snapshot. You can include all of the commands that you want to run together in a batch file that you can schedule as a single item. Tasks can be scheduled using Windows Task Scheduler on any protected computer that has a recent version of Windows and Internet Explorer installed. Tasks can also be scheduled in Windows 2000/XP using the AT command-line program (see Windows Help for details.) You might want to disable the normal schedule for snapshots in the protected computer’s properties so that all snapshots run from the command line together with the associated commands, and you will not have to try to figure out which snapshots are valid later on. Note By default, Windows 2000/XP runs scheduled tasks using the credentials of the local computer’s SYSTEM account. This means that if the server is running in Windows domain security mode, then the user is prompted for valid credentials before the snapshot runs. The prompt can be circumvented by specifying the credentials in scheduled task created with Task Manager. Command-Line Syntax The following usage scenarios are available using the AeXCmd command-line: z Full system snapshot. By default, all drives will be included in snapshot. aexcmd.exe /RunFullSnapshot [/AutoClose] [/Wait] [/Local] [/Folder:<drive letter:>] [/Silent] z Partial snapshot. A partial snapshot does not include registry backup and FSR data collection. Rollbacks cannot be initiated to such snapshot. aexcmd.exe /RunSnapshot [/AutoClose] [/Wait] [/Local] [/Folder:<path to folder>] [/File:<path to file>] [/Silent] At least one parameter (/folder or /file) must be used, otherwise an error will be reported. You can specify one or more “/folder” and “/file” arguments. Example aexcmd.exe /runsnapshot /folder:"c:\folder1" /folder:"d:\folder2" /file:"e:\somefile" /wait z Rollback. By default, only system and application files will be restored. aexcmd.exe /Rollback [/AutoClose] [/Wait] [/Local] [/NoReboot] Recovery Solution Reference Guide 148 [/Folder:<drive letter:>] [/AllData] [/Silent] z Restore. By default, it restores the same data that was backed up during the snapshot. aexcmd.exe /Restore [/AutoClose] [/Wait] [/Local] [/Folder:<drive letter:>] [/Silent] z Apply settings. This command can be used to reapply Recovery Agent settings on clients. aexcmd.exe /ApplySettings Parameters description The command-line parameters are described below. Parameters are not case-sensitive. AeXCmd.exe command-line parameters Parameter Description /Runfullsnapshot Performs a full snapshot (same as without parameters). /Runsnapshot Performs a partial snapshot. Usage: /Runsnapshot [/file:<full file path> or /folder:<full folder path>] /rollback Performs a rollback to latest full snapshot performed by AexCmd utility. By default, only system and application files will be restored. To restore all data, add the ‘/AllData’ switch. /restore Performs a restore of data from the latest snapshot performed by AeXCmd. Usage: /folder:<drive letter> Use the /folder:<drive letter> parameter to select a drive to restore. Example: if the previous snapshot included C: and D: drives, then using /Restore with /Folder:D: will start a restore of all data backed up from D: drive only. /Wait Specifies that the program should not exit until the snapshot is complete or returns an error code in the case of failure. In a batch file, this prevents any subsequent commands from running until the snapshot has finished. If this parameter is not specified, subsequent commands run while the snapshot is running. /AutoClose Recovery Solution Reference Guide The progress screen will be closed after snapshot/restore/ rollback is finished. 149 AeXCmd.exe command-line parameters (Continued) Parameter Description /Local For mixed mode, forces a local snapshot/restore/rollback to be performed. If not specified, a remote operation will be performed in mixed mode. /NoReboot The automatic restart will not be performed after rollback. /Folder Specifies a full path to folder (or drive) that must be backed up/restored (only drive letters are accepted by restore/ rollback operations). /File Specifies a full path to file that must be backed up. /Archive Creates an “archived” snapshot that will not be deleted through Server Space Management jobs. This is useful for creating a “golden” image of a computer. This parameter can only be used with local snapshots, not server-based snapshots. /Silent All operations will be performed silently, invisible to the user. /AllData Instructs rollback to restore all data files as well as program files. All of your applications and settings will be returned to their previous state, and all of your data will be restored. /ApplySettings Rereads and reapplies Recovery Agent settings. In most cases, the /AutoClose and /Wait parameters should be used together. If the /Wait parameter is used alone, the restore or rollback process can stop, waiting for user input. When performing a full snapshot, you can limit the number of drives/volumes that are backed up by specifying them using the /folder parameter. By default, all volumes are backed up. The system and boot volumes will always be included in full snapshot. Exit Codes AeXCmd.exe returns exit codes that can be retrieved in a batch file by checking the ERRORLEVEL value. For more information about checking exit codes, see Windows Help. AeXCmd.exe exit codes Exit Code Description 0 Success. 1 Failure. The protected computer is disabled for snapshots and recoveries. 2 Failure. Another task is already running on the protected computer. 3 Failure. Recovery Agent must be upgraded before a snapshot can run. 128 “Invalid command line arguments.” 129 “Failed to initialize MFC.” Recovery Solution Reference Guide 150 AeXCmd.exe exit codes (Continued) Exit Code Description 130 “Failed to initialize COM.” 131 “Failed to initialize event chain.” 132 “Failed to query mediator interface.” 133 “Failed to obtain mediator state.” 134 “Update is required.” 135 “Error creating manual snapshot specification.” 136 “Error submitting job.” 137 “Job failed or was cancelled.” 138 “Cannot reschedule job.” 139 “Failed to query job queue interface.” 140 “Failed to initiate scheduled job start.” 141 “Failed to update job status.” 142 “Created snapshot specification is empty.” 143 “Created restore job specification is empty.” 144 “Failed to obtain registered volumes list.” 145 “Failed to obtain client key.” 146 “Failed to obtain snapshot job data.” 147 “Error creating restore specification.” 148 “Failed to query DSSBS interface.” 149 “Failed to query DSFileSystemView interface.” 150 “Failed to submit rollback job.” 151 “Failed to obtain client information.” 152 “Failed to create metajob specification.” 153 “Cannot read job key from registry.” 154 “Rollback cannot be initiated from partial snapshot.” 155 “Failed to obtain system folder.” 156 “Failed to obtain client rights.” 157 “Insufficient rights to perform rollback.” 158 “Insufficient rights to perform restore.” 159 “Insufficient rights to perform snapshot.” 160 “Invalid context was selected for rollback/restore operation.” 161 “Memory allocation error.” 162 “Registry agent failed to restore registry.” 163 “Failed to query DSFileSystem interface.” 164 “The snapshot was critically retentioned.” Recovery Solution Reference Guide 151 Using RSACmd.exe Utility RSACmd.exe utility, provided for integration with Altiris® PC Transplant Solution™, is located on each protected computer at install path\Altiris\Recovery Solution Agent. You can use this utility locally on a protected computer to initiate Full System Snapshot and to restore separate files. In order to restore files, you need to specify them in XML (Extensible Markup Language) and supply the specification file using command-line switches. RSACmd command-line parameters Parameter Description /FullSnapshot Take full system snapshot /Job:<path to XML file specifying items to restore>” Restore items specified in XML file /? Display help on RSACmd.exe input parameters The following are some examples of syntax (with possible parameters) for using RSACmd.exe utility with command-line switches. Note Command-line parameters are not case-sensitive. Run full system snapshot rsacmd.exe /fullsnapshot Restore files RSACmd.exe /job :”<path to XML file specifying items to restore>” XML file format <?xml version=”1.0” encoding=”utf-8” ?> <Jobs> <Job type=”restore”> </Items <File Name=”source file name” Source=”source folder path” Dest=”destination folder path”/> </Items> </Job> </Jobs> Recovery Solution Reference Guide 152 Chapter 8 Using Recovery Solution Reports and Job Queue Recovery Solution lets administrators monitor Recovery jobs using the Recovery Solution job queue and provides the following reports: z Client Reports Client reports provide summaries of the data on the server. You can use this information to help you manage snapshots and recoveries. The following client reports are available: z Client Event History Clients with No Full Snapshot in Last ‘N’ Days File Extensions Backed Up by Client File Recovery History Full System Recovery History Most Recent Recovery Solution Events Recovery Solution Clients by Version Recovery Solution Jobs in Last ‘N’ Days Snapshot History Snapshot Status System Rollback History Local Reports Local reports provide summaries of the data on the server. You can use this information to help you manage snapshots and recoveries. The following local reports are available: z Computers by Agent Version Computers with Local Agent Computers with Potential Space Issues Computers without Local Agent Most Recent Recovery Solution Events Computers with Local Agent by Linux Kernel Version Server Reports Server reports provide summaries of the data on the server. You can use this information to help you manage snapshots and recoveries. The following server reports are available: Cluster Space Usage Trend Computers with more than one Recovery Agents Settings Policy Applied Recovery Solution Reference Guide 153 z Data Collector File Extensions Backed Up by Cluster Health Alerts Largest Files Search for a File Cluster Disk Space Currently Used Unsuccessful Jobs in Last ‘N’ Days Users Users with Web Based File Recovery Access Users without Web Based File Recovery Access Clients Clients registered under default account Critical Software Bulletins Critical Software Delivery Tasks To open the Recovery Solution job queue 1. In the Altiris Console, click the Reports tab. 2. Select Dashboards > RS Cluster Job Queue. This will show all currently running Jobs on all clusters. 3. Click Show pending jobs icon to show all scheduled jobs as well as currently executing jobs on all clusters. 4. Click the Hide pending jobs icon 5. Click the Refresh the job queue icon to show only current running jobs. to update the current view. Note You can view details for a running client job. Right-click on a job in the list and select Details from the menu. No details are available for server jobs. To access Recovery Solution reports 1. In the Altiris Console, click the Reports tab. 2. In the left pane, click the report type and report you want to use. Recovery Solution Reference Guide 154 Part II Using the Recovery Agent The following chapters describe how to manually install and perform tasks using the Recovery Agent on client computers: z Getting Started with the Recovery Agent (page 156) z Configuring the Recovery Agent (page 162) z Advanced Recovery Agent Tasks (page 183) Recovery Solution Reference Guide 155 Chapter 9 Getting Started with the Recovery Agent The Getting Started tasks guide you through the basic setup, configuration, and use of the Recovery Agent. Getting Started tasks z Manually Install the Recovery Agent (page 156) z Take the Initial Snapshot (page 157) z View Your Recovery Agent Options (page 157) z Ensure Automatic Snapshots Are Taken Successfully (page 158) z Take an Unscheduled Full System Snapshot (page 158) z Take an Unscheduled Partial Snapshot (page 159) z View and Restore Protected Files (page 159) z Save and Restore Network Settings (page 161) Prerequisites for Getting Started tasks z Notification Server 6.0 with SP3. z Recovery Solution 6.2 SP2. z One client computer running a supported Windows operating system with the Altiris Notification Server 6.0 Agent and the Recovery Agent 6.2 SP2 installed on it. Manually Install the Recovery Agent The Recovery Agent Setup Wizard lets you install the Recovery Agent, which will run on the computer and take automatic snapshots of all the data. To install the Recovery Agent 1. Open the Recovery Agent Setup Wizard by entering the page address provided by your administrator in the Internet Explorer Address bar. Click Next. Notes The default address of the Recovery Agent Setup Wizard page is http://server/ rsagent, where server is the address of the Recovery Server computer. 64-bit Recovery Agent installation is not available through the Web-Based Setup Wizard. 2. On the Customize your Altiris Recovery Agent page, select one or both of the following options: Server-based Mode In this mode, files are backed up to and restored from a Recovery Server. Recovery Solution Reference Guide 156 Local Mode In this mode, files are backed up to and restored from your computer's hard disk. The Recovery Agent will create the Recovery Agent Partition where your snapshots will be stored. The partition is created inside the existing Windows partition. 3. Select additional setup options: a. Select Do not prompt to reboot after Recovery Agent installation. Your computer will restart automatically. b. Select Skip the initial snapshot after the agent installation. By default, the Recovery Agent attempts to take a snapshot of the computer immediately after successful installation. If you select this option, the initial snapshot will not be started but your data will be backed up during the next scheduled snapshot or you can back them up manually. 4. Click Next. 5. On the Select Installation Type page, click Create New Account to create a new account on the server. 6. Click Next. 7. Click Install and follow the instructions on the screen to complete the installation. Take the Initial Snapshot After you install the Recovery Agent and restart the computer, a dialog will prompt you to take a Full System Snapshot of the system. To take the initial snapshot 1. In the Take initial snapshot dialog, click Take Snapshot Now. Note (Local mode only) Clear the Update snapshot schedule box at the bottom of the dialog if you do not want the existing snapshot schedule updated according to the specified settings. 2. In the Take Snapshot dialog, select the required Snapshot type. View Your Recovery Agent Options You can see how the Recovery Agent is configured on your computer and change the settings if your administrator granted the appropriate rights. For information on changing the agent options, see Configuring the Recovery Agent (page 19). To view Recovery Agent options These are the ways to access the Recovery Agent Options dialog: z Option 1: Double-click the Recovery Agent icon Recovery Solution Reference Guide located on the desktop. 157 Note If the icon is not on the desktop, you might have moved it to your “My Computer” folder. z Option 2: Select Start > Programs > Altiris > Recovery Agent > Recovery Agent Options. Ensure Automatic Snapshots Are Taken Successfully The Recovery Agent has a default automatic snapshot schedule. Your administrator can configure Recovery Agent so that snapshots of your files are taken regularly. Notes To view the snapshot schedule and options for your computer, see View Your Recovery Agent Options (page 157). You can make changes to your snapshot schedule if your administrator granted you the rights. See Configuring the Recovery Agent (page 19). Follow these guidelines to ensure that your scheduled snapshots are taken. z Schedule snapshots at appropriate times. The best time for your snapshots to run is while you are not using your computer. Although you can continue using your computer while the snapshot is taken, we recommend taking snapshots when the computer is not being used because it degrades computer performance. If you use a portable computer in server-based mode, your snapshots will usually run when you connect to the network, regardless of the scheduled snapshot time. z Determine whether the Wake on LAN option is enabled on your computer (see Attempt to wake the client before a scheduled snapshot on page 31). If it is not, leave your computer on all the time. You can log out or use a password-protected screen saver to ensure security. z Continue to use the regular backup features that come with programs (such as Microsoft Office) because Recovery Agent usually takes a snapshot of your computer once a day, so if something happens to your files just before your snapshot runs, you could still lose a whole day’s work. Take an Unscheduled Full System Snapshot The Full System Snapshot includes your computer’s configuration and operating system files. In server-based mode, this makes Full System Recovery possible in case your computer’s disk drive fails. This makes a Full System Recovery possible in case Windows fails to start. A Full System Snapshot will include everything on a selected drive except for excluded files. For immediate protection of recently created files, you can perform snapshots manually through Windows Explorer. To run the Full System Snapshot manually 1. Right-click the My Computer icon and click Snapshot. Recovery Solution Reference Guide 158 2. Click Full System Snapshot. The dialog box lists all the drives in your computer. Set or clear the check box next to any drive that you do not want to exclude or include in the snapshot. You cannot clear either the startup drive or the drive with the installed operating system. (Usually, they are both on drive C.) 3. Click OK to continue with the snapshot. 4. In the Snapshot of Local Drive(s) dialog, click Start. The Altiris Recovery Agent Snapshot Progress dialog window appears. Take an Unscheduled Partial Snapshot A partial snapshot protects only the files that you select. In case of failure, you cannot use a partial snapshot for Full System Recovery of your computer. To run a partial snapshot 1. In Windows Explorer, select one or more drives, folders, and files to include in the snapshot. 2. Right-click your selections and click Snapshot. Note The Snapshot command is not available if none of the selected items are stored on supported media. 3. A dialog box opens and prompts you for a descriptive label for your snapshot. Accept the default description that uses the current date and time. 4. Click Start. 5. The Snapshot Progress window appears and shows the status of the snapshot. You can use your computer during the snapshot. To cancel the snapshot, click Stop. Start the snapshot again to ensure that your data is protected. When the snapshot finishes, the Stop button changes to Close. Click Close. View and Restore Protected Files Using the Recovery Agent folder in the Windows Explorer tree, you can view the files and folders in the snapshots. To view protected files 1. In the Recovery Agent Options dialog, click the Snapshot and Restore tab. 2. Click Restore Files. 3. Click Advanced Selection. 4. Select the Altiris Recovery Agent folder, which displays drive snapshots. 5. Browse the folders in the snapshot. 6. Double-click a drive in the window to view folders and files. Recovery Solution Reference Guide 159 To view earlier versions 1. In Windows Explorer, click the View menu. 2. Select Recovery Solution Versions. 3. Select one of the following options: All Versions Choose this option to display all snapshots of your files. If you are viewing all file details (View > Details), the Snapshot Taken column shows the date and time that each snapshot originally ran. Note In some cases, the time displayed in the Snapshot Taken column is the only way to distinguish the difference between two or more versions of a file. This happens if the file itself did not change between snapshots, but some properties of the file did. Example: Recovery Solution creates a new version of the file if the only change is in its NTFS security attributes. Latest Version Only Choose this option to display the most recent snapshot of each file. Even files that were excluded in the most recent snapshot are displayed, as long as they were in a previous snapshot. 4. If you have installed the Recovery Agent more than once (or if the software was automatically updated from the server), select from the following additional options: Snapshots From All Installations (default) Choose this option to display protected files from all of your Recovery Agent installations. Snapshots From Current Installation Choose this option to display protected files only from your current Recovery Agent installation. Snapshots From Previous Installations Choose this option to display protected files only from your previous Recovery Agent installations. Notes If you are viewing all file details (View > Details), the Snapshot Taken column shows the date and time that each snapshot originally ran. If a particular file or folder originated on an NTFS drive, and you do not have at least read access to the file or folder, then you cannot see it in the list of protected files. However, if you restore a folder containing the secure item, the item will also be restored (but you still will not have access to open it). To restore files You can restore any version of a file that is displayed. 1. Browse the items in the snapshot. See To view protected files (page 159). 2. Select the items to restore, and then drag the files to their destination on your local hard disk. Alternatively, you can right-click the selected items and click Restore. Recovery Solution Reference Guide 160 If files or folders with the same name already exist at the destination, Recovery Solution lets you choose whether to replace them. The Restore Progress window appears, showing the status of the restore. 3. To cancel the restore, click Stop. When the restore finishes, the Stop button changes to Close. Click Close. For information about other ways to restore files and computer settings in case of failure, see the following sections: z Performing Rollbacks (page 39) z Full System Recovery Options (page 41) z Using Web-Based File Recovery (page 44) Save and Restore Network Settings Whenever you start your computer or make a successful Dial-Up Networking connection, Recovery Agent saves your computer’s remote network settings, including all of your Dial-Up Networking, Virtual Private Networking connections, and Direct Connection settings (if you are running Windows 2000/XP). If your networking settings change and you cannot make a connection, restore the settings from one of the network setting snapshots. To save and restore network settings 1. In the system tray, right-click the Recovery Agent icon. 2. Click Network Setting Snapshots. In this dialog box, you can create and delete snapshots, as well as restore settings from existing snapshots. Recovery Solution Reference Guide 161 Chapter 10 Configuring the Recovery Agent You can configure Recovery Agent options by using the Recovery Agent Options dialog box. Note If a section of the dialog box is disabled or missing, only the administrator can change those settings. To change Recovery Agent options 1. Open the Recovery Agent Options dialog box (see View Your Recovery Agent Options on page 15). Note When you are using the Recovery Agent in mixed mode, you will be prompted to select one mode to view the settings. In the Recovery Agent Options dialog box, the following tabs are displayed: Recovery Agent Options Tabs Tab Function Snapshot and Restore Displays status information about your See Snapshot and Restore snapshots and restores, and lets you Dialog Box on page 164. perform snapshot and restore tasks. Link Snapshot Schedule Lists the schedule and settings for your See Snapshot Schedule Dialog automatic snapshots. Box on page 167. Administration (server-based mode only) Lets you view and change preference settings. Go here to change your Recovery Agent description on the server. See Administration Dialog Box (server-based mode only) on page 169. General Lets you view log files related to your computer’s snapshots and restore jobs. Go here to create and remove the Altiris Recovery Partition for local snapshots. See General Dialog Box on page 170. Space Management These rules determine when old snapshots are automatically deleted. See Space Management Dialog Box on page 172 Misc Lets you set miscellaneous snapshot and agent settings. See Misc Dialog Box on page 173. Full System Recovery (local mode only) Lets you set Full System Recovery See Full System Recovery settings and launch the Recovery DVD Dialog Box on page 174. Wizard. Recovery Solution Reference Guide 162 Recovery Agent Options Tabs (Continued) Remote Access (server-based mode only) If you use a modem or other remote connection to log on to your office network, use this tab to set up Recovery Solution to run automatic snapshots with a modem or remote connection. See Space Management Dialog Box on page 172. Note This tab only appears if you have DialUp Networking installed. Excludes The files you enter here are excluded from all manual and automatic snapshots. Choose excluded files carefully (see Excluding Files from Snapshots on page 35). See Excludes Dialog Box on page 177. Notes Full System Recovery cannot be performed if you exclude certain files and folders. For details, see Files and Folders You Should Never Exclude on page 35. In server-based mode, this tab is available only if the administrator has granted you rights. Rollback Data Lets you specify file types, which will not be rolled back when the Restore system and application files only Rollback option is selected. See Rollback Data Dialog Box on page 180. Storage Locations (local mode only) Lets you view and edit the location where your snapshots are saved. See Storage Locations Dialog Box (local mode only) on page 180. 2. Click one of the tabs in the dialog box to view or change settings. 3. Make your changes and then click OK. Note After clicking OK, you should open the Options dialog box again to ensure that the Schedule tab AM/PM fields of the Start Time and End Time are correct. A known problem with the scheduling controls sometimes causes a “PM” time to be reset to “AM.” How Administrator Settings Might Affect You The Recovery Solution administrator can limit your ability to perform certain tasks and modify various Recovery Agent settings. When any of the user rights are disabled, you may not have access to some of the Recovery Agent settings and actions described in the User’s Guide. If you have more than one computer, the restrictions may be different for each one. Recovery Solution Reference Guide 163 Snapshot and Restore Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Snapshot and Restore tab. This section contains the following topics: z Last Snapshot/Restore Status (page 164) z Snapshot Options (page 164) z Restore Options (page 165) z Throttling Options (server-based mode only) (page 165) z Performance Options (local mode only) (page 166) z Snapshot Selection Wizard Dialog Box (page 166) z Restore Selection Wizard Dialog Box (page 166) Last Snapshot/Restore Status The “Last Snapshot/Restore Status” section provides information about your computer’s most recent snapshot or restore job. Time This box shows the date and time that your computer’s most recent snapshot or restore was run. Description This box shows a description of your computer’s most recent snapshot. Status This box indicates whether your computer’s most recent snapshot or restore succeeded or failed. Snapshot Options Snapshot options can be configured using the Misc tab. For more information, see Misc Dialog Box on page 173. Snapshot Click the Snapshot button to launch the Snapshot Selection Wizard that guides you through taking a snapshot. If this button is not available, then you do not have permission to perform a snapshot manually. Accelerate Click the Accelerate button to accelerate scheduled snapshot to be performed immediately See also: Snapshot Selection Wizard Dialog Box (page 166). Recovery Solution Reference Guide 164 Restore Options These options let you restore files from a snapshot of your computer. Restore Files Click the Restore Files button to restore one or more specific files, folders, or drives from the Recovery Solution Server. Rollback Click the Rollback button to open the Rollback dialog box and to return your entire computer to its state at the time of any previous Full System Snapshot. For more information, click Help. If this button is not available, then you do not have permission to perform a rollback. Contact your Recovery Solution administrator if you need to return your computer to a previous state. See also: Restore Selection Wizard Dialog Box (page 166). Throttling Options (server-based mode only) The Bandwidth Throttling page contains settings that let you limit the network bandwidth used when taking snapshots and restoring files. This option is only available if the administrator has granted rights to you to change these settings. If you have rights to view this page, you will see the values that have been set by the administrator. You may want to change these settings especially if you are using dial-up networking. Note Network bandwidth limits can be set in kilobits (Kbps) or megabits per second (Mbps). Default Options z Use system defaults By selecting this check box, Recovery Solution will use the system defaults, which is unlimited bandwidth. Snapshot throttling options z Limit snapshot speed to You can select the maximum network bandwidth used when taking snapshots. z Do not start snapshot if transfer rate is less than You can select the minimum network bandwidth used when taking snapshots. If this minimum bandwidth is not available, the current snapshot will be cancelled. z Do not start automatic snapshots over WAN connection Select this box to restrict snapshots from running when the client computer is on the WAN. Restore throttling options z Limit restore speed to You can select the maximum network bandwidth used when restoring files. Recovery Solution Reference Guide 165 Performance Options (local mode only) Click Performance to open the Recovery Agent Performance Options page. This page lets you set computer performance options for taking snapshots or restoring files. You can use system defaults or select your own options. Snapshot Selection Wizard Dialog Box This wizard helps you make a snapshot of your files. To access the wizard, open Recovery Agent Options (see View Your Recovery Agent Options on page 15), go to the Snapshot and Restore tab, and click Snapshot. Full System Snapshot A snapshot of a computer that contains enough information to restore the computer in the event of a disaster. A Full System Recovery can only be performed from a Full System Snapshot. In addition to whatever files you select, a Full System Snapshot always contains the information about the computer’s disk partitions and drives and the Windows registry. You can also include any additional data from local drives. A Full System Snapshot does not have to contain all of the computer’s files and folders. Search Click this button to search for specific files. Type the name of the file or folder to find. You can also search for multiple files that match a search pattern. Use standard wildcard characters, such as “?” and “*”, to look for multiple files or folders. Advanced Selection Opens Windows Explorer so you can search for files yourself. You can take snapshots of files from within Windows Explorer by right clicking them and selecting Snapshot in the drop-down menu. Restore Selection Wizard Dialog Box This wizard helps you restore your files. Search Use this option to search for specific files. Type the name of the file or folder to find. You can also search for multiple files that match a search pattern. Use standard wildcard characters, such as ? and *, to look for multiple files or folders. Click this button to search for specific files. Advanced Selection Opens Windows Explorer so you can search for files yourself. You can restore files from within Windows Explorer by right clicking them and selecting Restore in the drop-down menu. For more information on rollbacks, see Rollback Dialog Box on page 39. Recovery Solution Reference Guide 166 Snapshot Schedule Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Snapshot Schedule tab. This section contains the following options: z Enable Schedule Snapshots (local mode only) (page 167) z Snapshot type (page 167) z Start Time (page 167) z Use System Defaults (page 169) Enable Schedule Snapshots (local mode only) To enable automatic scheduled snapshots, select the Enable Schedule Snapshots check box. By clearing this check box, all scheduling functions are disabled. Next snapshot time Shows the time that your next snapshot is currently scheduled to be taken. Snapshot type Select the snapshot type you want to schedule. Full System Snapshot A snapshot of a computer that contains enough information to restore the computer in the event of a disaster. A Full System Recovery can only be performed from a Full System Snapshot. In addition to whatever files you select, a Full System Snapshot always contains the information about the computer’s disk partitions and drives and the Windows registry. You can also include any additional data from local drives. A Full System Snapshot does not have to contain all of the computer’s files and folders. Partial snapshot Choose this option to have Recovery Solution include only the files and folders you select in the snapshot. You must specifically add files and folders to the snapshot, using the Add, Remove, and Edit buttons. Note Files and folders that are specified on the Exclude tab of the Recovery Agent Options for this computer are not included. Start Time Days Select the box next to each day of the week that you want Recovery Solution to take a snapshot. The snapshot is started during the scheduled interval you choose below. Choose the time of day at which you want scheduled snapshots to start. Recovery Solution Reference Guide 167 After Choose the desired start time for scheduled snapshots. This is the earliest time at which the snapshot can occur on each scheduled day. Recovery Solution attempts to start the snapshot at this time. If the snapshot cannot be started at this time because the computer was turned off or off-line, Recovery Solution will keep trying until the latest start time you specify in the next field. Before Choose the latest time at which you want to allow scheduled snapshots. On each day, a snapshot is scheduled, Recovery Solution keeps attempting to start the snapshot until either it succeeds or the time you specify here is reached. If this time is reached and Recovery Solution has been unable to start the snapshot, no scheduled snapshot occurs on this day. Conditions The following settings control when a snapshot will occur. As soon as user turns on the computer: Select this box to have Recovery Solution start a day’s scheduled snapshot as soon as your computer is turned on. In server-based mode, it is not necessary to log onto the computer to take the snapshot, but your computer must already have a physical connection to the network. This option is generally useful for desktop computers connected to a LAN. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the previous day’s snapshot has not yet been reached. No snapshot is started if the scheduled snapshot time has passed, even if no snapshot took place during the scheduled period. Only one scheduled snapshot is taken each day, no matter how many times the computer is turned on. Note The snapshot will not start immediatelly after logon. It starts after a 12-minute timeout in local mode or after a 10-minute timeout in network mode. As soon as user resumes the computer: Select this box to have Recovery Solution start a day’s scheduled snapshot as soon as your computer is resumed after you have suspended it. This option is generally useful for notebook computers. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the previous day’s snapshot has not yet been reached. No snapshot is started if the scheduled snapshot time has passed, even if no snapshot took place during the scheduled time period. Only one scheduled snapshot is taken each day, no matter how many times the computer is suspended and resumed. Note The snapshot will not start immediatelly after logon. It starts after a 8-minute timeout in local mode or after a 6-minute timeout in network mode. As soon as user docks the computer: Select this box to have Recovery Solution start a day’s scheduled snapshot as soon as your computer is docked on the network. This option is generally useful for laptop computers. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for the previous day’s snapshot has not yet been reached. No snapshot is started if the scheduled snapshot time has passed, even if no snapshot took place during the scheduled time period. Only one scheduled snapshot is taken each day, no matter how many times the computer is docked. Recovery Solution Reference Guide 168 Note The snapshot will not start immediatelly after logon. It starts after a 7-minute timeout in local mode or after a 5-minute timeout in network mode. As soon as computer goes into idle state: Select this box to have Recovery Solution start a day’s scheduled snapshot as soon as your computer goes idle. Note The snapshot will not start immediatelly after logon. It starts after a 6-minute timeout in local mode or after a 4-minute timeout in network mode. Use System Defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Administration Dialog Box (server-based mode only) To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Administration tab. Recovery Solution Server This area displays information and options relating to the Altiris Recovery Solution Server and your data on it. Server name This area displays the name of the Recovery Server that stores the snapshots of your computer. You cannot change this name here. To use a different server, you must uninstall and reinstall the Recovery Agent. Change Recovery Agent Description Click this button to change the description of the computer. When the Change Recovery Agent Description dialog box appears, type a description for your computer. This description is used for Recovery Solution and is not necessarily related to your Windows computer description. In most cases, you do not need to change this value. Server storage space used This is the amount of disk space on the server that has already been used by your computer. For common files that are identical to files stored on other computers, your disk space usage is calculated as a fraction of the total storage space required for the file. This is because Recovery Solution stores the file only once on the server, no matter how many computers have it in their snapshots. Example: if 20 computers each protect an identical copy of the system file kernel32.dll, that is 731920 bytes in size, this counts as 731920 / 20 = 36596 bytes of storage space used by your computer. Recovery Solution Reference Guide 169 Server storage space usage quota The server storage quota limits the computer storage space on the server. If the storage quota is enabled by administrator and you exceed the quota then all snapshots from your computer will be blocked until the limit is increased or the storage space used by this computer on the server is decreased during the space management job. General Dialog Box These options allow you to view log files related to your computer’s snapshots and restore jobs and manage the Altiris Recovery Partition for local snapshots. To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the General tab. This section contains the following options: z User Interface Language Preferences (page 170) z Recovery Solution Logs (page 170) z Altiris Recovery Partition for local snapshots (local mode only) (page 170) z Connection Settings (server-based mode only) (page 171) z Use System Defaults (page 172) User Interface Language Preferences You can select the language the Recovery Agent user interface is displayed in. However, the language settings will not take effect in the currently opened Recovery Agent windows and dialogs. Close the options dialog box and reopen it to apply the language change. Recovery Solution Logs Activity Log Click this button to view a history of your computer’s Recovery Solution activity, including all snapshot and restore jobs. This log is stored in a text file. Event Log Click this button to open the Event Viewer so you can view all logged Recovery Solution events. This information is provided in the event viewer. Altiris Recovery Partition for local snapshots (local mode only) When using Recovery Solution in local mode, snapshots are stored in a hidden partition on your hard disk called the Altiris Recovery Partition. By default the Altiris Recovery Partition is created when the Recovery Agent is installed. These buttons create and remove Altiris Recovery Partitions. Create If no Altiris Recovery Partition exists, click this button to create a partition that local snapshots can be stored on. This enables the functionality of local snapshots. Recovery Solution Reference Guide 170 To add additional storage resources, see Storage Locations Dialog Box (local mode only) on page 180. Resize If an Altiris Recovery Partition exists, click this button to delete the existing partition and create a new one. Caution If you have snapshots on this partition, all your local snapshots will be lost. Data Removal Click this button to launch the Recovery Solution Data Removal wizard to remove all user data from the Altiris Recovery Partition. This disables the functionality of local snapshots. Caution If you have snapshots on this partition, all your local snapshots will be lost. Check Now You can have Recovery Solution do a self-check of the Altiris Recovery Partition. This procedure requires the computer to be restarted. Connection Settings (server-based mode only) Connection type This shows the connection type used to communicate with the Recovery Solution Server—DCOM, HTTP, or HTTPS. Port You can see the port number to be used for communication with Recovery Server. Use encryption when communicating with the Recovery Solution Server Check this box to turn on DCOM encryption. This causes Recovery Solution to perform the following functions when sending or retrieving data from the server. z Validation on the source of the data. Recovery Solution does a second check to ensure that files in your snapshot are really coming from your computer rather than from some other source, and that files you restore are really coming from the server. z Data integrity checking. Recovery Solution verifies that the data are intact and free of errors, reducing the chances of data corruption. z Data encryption. Encryption is especially useful if you are concerned about transmitting confidential data through connections that may not be secure, such as Dial-Up Networking (RAS) or the Internet. Snapshots, restores, and file information are encrypted during transmission only. The data stored on your computer and on the server are not encrypted. Recovery Solution Reference Guide 171 Note On Windows 98 computers, only data that is transmitted to the server is encrypted, not data that comes from the server (Example: snapshots are encrypted, but recoveries are not). This is because of a limitation of Windows 98, which cannot receive encrypted DCOM data. Because of government regulations in France, no data encryption is performed if you are running Recovery Solution on a French version of Windows. However, this option still enables source validation and data integrity checking. Use System Defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Space Management Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Space Management tab. Note This tab only appears if your administrator has given you the right to edit your own space management rules. This section contains the following options: z Default Rules (page 172) z Exception Rules (page 173) z Use System Defaults (page 173) Default Rules This area specifies the default space management rules that you want to apply to all files on your computer. You can make exceptions to these rules in the Exception Rules area below. Delete snapshots older than Specify the length of time for which the snapshot of the item should be kept. If you select this box, then the item will be deleted after the amount of time you specify. Delete files after they have been deleted from your computer Specify the length of time for which the snapshot of the item should stay after the original copy has been deleted from your computer. If the original item is not deleted, then the snapshot copy will not be deleted either. Recovery Solution Reference Guide 172 Exception Rules This area specifies exceptions to the default rules that are configured above. You can make exceptions for any number of folders or files. The exceptions always override the default rules, regardless of whether the length of time you specify is longer or shorter than the default. Use System Defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Misc Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Misc tab. This area contains miscellaneous Recovery Agent options. Note Some of these features may not be available in the standard Local Recovery version. If a setting is inactive, you do not have the rights to change it. Take a snapshot whenever I log off my computer This option configures Recovery Solution to start a snapshot as soon as you log off, restart, or shut down your computer. At logoff time, the snapshot runs automatically after a short delay. Before it runs, you have the chance to skip that specific snapshot. Another snapshot will run the next time you log off. In server-based mode, your computer must have a physical connection to the network. Notes The snapshot prompt appears no matter which logoff option you choose (log off, restart, or shut down). However, you should check that the logoff option displayed in the dialog box is the one you actually want. If Windows continues logging off before the snapshot timeout is complete, you might need to configure Windows to give Recovery Solution enough time to start the snapshot before the logoff occurs. Notify me when a scheduled snapshot completes successfully Select this box if you want to see a message when your scheduled snapshots complete successfully. You will always see a message if your snapshot fails, whether or not this box is checked. Notify me when a scheduled snapshot fails This option configures the Recovery Agent to display a message if a scheduled snapshot fails. Recovery Solution Reference Guide 173 Show progress indication of the scheduled snapshot Select this option if you want to show the progress indicator when scheduled snapshots are taken. Clear the check box to have the indictor hidden during scheduled snapshots. Attempt to wake the client before a scheduled snapshot If this option is selected in server-based mode, and if your computer has a Wake on LAN enabled network card, and if your computer is not in “awake” status, Recovery Solution will attempt to wake your computer in order to perform a scheduled snapshot. If this option is selected in local mode, and the computer uses OnNow power management, Recovery Solution will attempt to wake your computer while it is in stand-by mode in order to perform a scheduled snapshot. Show the Welcome screen when I start Windows Select this box to display the Recovery Solution startup screen whenever your computer starts. Show the status icon in the Windows system tray Select this box to display the Recovery Agent icon in the tray at the end of your Windows task bar. This icon shows the status of Recovery Solution. You can also use the icon to access Recovery Solution features. Show Recovery Agent options in Start Menu Select this box to show the Recovery Agent options in Windows Start menu programs. Show Recovery Agent Desktop icon Enable this to show the Recovery Agent desktop icon. Use system defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Full System Recovery Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Full System Recovery tab. Note This option is available only in local mode. This area contains Recovery Agent options for Full System Recovery. F11 Recovery Settings This section lets you configure the F11 Recovery prompt appearing on computer startup. Configure the following options in this section: Show F11 Recovery prompt Lets you disable the F11 Recovery prompt appearing on computer startup Recovery Solution Reference Guide 174 Note If this option is disabled, pressing F11 on computer startup still starts Full System Recovery even though the prompt does not appear. Protect F11 Recovery with password Lets you specify the password for protection Use system defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Create Recovery DVD Click this button to launch the Recovery DVD Wizard. If this button is not available, then you do not have permission to create Full System Recovery DVDs. Contact your Recovery Solution administrator if you need to create Full System Recovery DVDs for your computer. See also: Full System Recovery Options (page 41). Remote Access Dialog Box (server-based mode only) These options control snapshots that are taken when your computer uses remote access to connect to a Recovery Solution Server, such as dial-up networking and VPN connections. To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Remote Access tab. This section contains the following options: z Snapshot type (page 167) z Start Time (page 167) z Use System Defaults (page 177) Snapshot Type Full System Snapshot A snapshot of a computer that contains enough information to restore the computer in the event of a disaster. A Full System Recovery can only be performed from a Full System Snapshot. In addition to whatever files you select, a Full System Snapshot always contains the information about the computer’s disk partitions and drives and the Windows registry. You can also include any additional data from local drives. A Full System Snapshot does not have to contain all of the computer’s files and folders. Recovery Solution Reference Guide 175 Partial snapshot Click this option to have Recovery Solution take a snapshot of only the drives you select. You can choose to include or exclude any local hard drive on your computer, whether or not it has system information on it. Note Files and folders that are specified on the Exclude tab of the Recovery Solution properties for this computer are not included in the snapshot. Take a snapshot of all data on Check the box next to each drive of which you want Recovery Solution to take a snapshot. If this is a Full System Snapshot, you cannot clear the check box next to the drive that contains the operating system or other files needed for a Full System Recovery. If you do not need a Full System Snapshot and do not want to include these files, click Partial snapshot as the snapshot type. We recommend that you include all drives, both to protect all the data and to ensure that any files needed to start your computer are included, even if they are not stored on the boot or system drives. Snapshot Settings Take each day’s snapshot as soon as I start remote access Select this box to have Recovery Solution take a day’s scheduled snapshot as soon as a remote connection is made to the network. This is the best way to guarantee that your data is protected. Even while connected to the network, portable and remote computers are often difficult for the server to reach because they frequently are not configured to use Domain Name System (DNS) names. Display a message before taking the snapshot Select this box to have Recovery Solution prompt you before taking an automatic snapshot over a remote connection to the network. You will have the option to start or cancel the snapshot. If this box is cleared, Recovery Solution does not prompt you, but starts taking the snapshot automatically. Take each day’s snapshot as soon as computer connects to the server Select this box to have Recovery Solution take a day’s scheduled snapshot as soon as the computer connects to the server. Continue incomplete snapshot from the break point This option configures Recovery Solution to restart the snapshot from the failure point or break point if a user’s snapshot was cancelled or interrupted. This feature provides users with the ability to recover from a broken connection with the server at the exact same place as when their connection was broken. This is especially useful to remote users. If this feature is enabled, or if you manually restart an interrupted snapshot, a dialog is displayed giving the option of continuing the snapshot from the break point or skipping the incomplete snapshot and starting a new one. Skip Outlook files snapshot To increase performance while doing backups, you can exclude Microsoft Outlook PST files from being backed up. Recovery Solution Reference Guide 176 Use System Defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Excludes Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Excludes tab. Caution The files you enter here are excluded from all manual and automatic snapshots. Choose excluded files carefully (see Excluding Files from Snapshots on page 35). Excluding the wrong files might mean that there is not enough information in a snapshot to perform a Full System Recovery. Files and folders to exclude from all snapshots From the list, choose the files and folders that you do not want included in your snapshots or add a new item. Use the buttons below the list to modify the items in the list. If a folder icon appears next to an item, then this item is a folder. Any files with the listed name are not excluded unless you add another item to the list and indicate that it is a file. The reverse is true if a file icon appears next to an item. If the icon next to an item appears with a padlock , then you cannot change it. When you add or edit the excluded items, the following options are available: z Files and Folders to Exclude Dialog Box (page 177) z Exception from Exclude List (page 179) Use system defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Files and Folders to Exclude Dialog Box This dialog box appears when you add or edit an item in the Files and folders to exclude from all snapshots list on the Excludes tab. See also: z Select Folder or File Name (page 178) z Choose the Type of Item to Exclude (page 178) z Choose Where to Exclude This Folder or File (page 178) Recovery Solution Reference Guide 177 Select Folder or File Name Type the name of the file or folder to exclude from snapshots. Browse Click the browse button to browse to the folder or the file you want to add to the list. This button is only available if you choose Exclude only this path under Choose where to exclude this folder or file. Otherwise, the Browse button is dimmed. The dialog box that appears when you choose Browse depends on the option you selected under Choose the type of item to exclude. If you specified that this is a folder, you will be able to browse for a folder here. If you specified that this is a file, then you can browse for a file. Choose the Type of Item to Exclude Choose the appropriate option to describe the name you entered above. Recovery Solution only adds items to the list if they match the type you specify. Example: if you enter “C:\TEMP” and select This is a file, Recovery Solution does not exclude the C:\TEMP folder. This is a folder Click this option to specify that the name you entered above is a folder rather than a file. This is a file Click this option to specify that the name you entered above is a file rather than a folder. Choose Where to Exclude This Folder or File Choose the locations from which you want Recovery Solution to exclude the item you entered above. Exclude this folder or file name everywhere Choose this option to exclude the item from every location that Recovery Solution encounters it during a snapshot. Exclude only this path on Choose this option to specify that the text you entered above should be treated as a path to a specific folder or file. If you choose this option but you specify only a folder or file name without a path, Recovery Solution only excludes that folder or file from the root directory of the drive. Example: if you type logfile.txt as the name of the item to exclude, then choose Exclude only this path on, Recovery Solution excludes files such as c:\logfile.txt and d:\logfile.txt (depending on your drive settings below). However, Recovery Solution does not exclude logfile.txt files found elsewhere on a drive. Specify below which drives you want to exclude the path from. All drives Choose this option to exclude the above path from every drive during Recovery Solution snapshots. Recovery Solution Reference Guide 178 This drive only Choose this option to exclude the above path only from a specific drive. Type the drive letter in the box. Exception from Exclude List This dialog box appears when you add or edit an item in the Exceptions list in the Excludes dialog window. The files and folders added to the exceptions will be included into the snapshot even if there is a rule according to which they must be excluded. See also: z Folder or File Name (page 179) z Choose the Type of Item to Include (page 179) z Choose Where to Include This Folder or File (page 179) Folder or File Name Type the name of the file or folder to include into snapshots. Browse Click the browse button to browse to the folder or the file you want to add to the list. This button is only available if you choose Include only this path under Choose where to include this folder or file. Otherwise, the Browse button is dimmed. The dialog box that appears when you choose Browse depends on the option you selected under Choose the type of item to include. If you specified that this is a folder, you will be able to browse for a folder here. If you specified that this is a file, then you can browse for a file. Choose the Type of Item to Include Choose the appropriate option to describe the name you entered above. Recovery Solution only adds items to the list if they match the type you specify. Example: if you enter “C:\TEMP” and select This is a file, Recovery Solution does not include the C:\TEMP folder. This is a folder Click this option to specify that the name you entered above is a folder rather than a file. This is a file Click this option to specify that the name you entered above is a file rather than a folder. Choose Where to Include This Folder or File Choose the locations where the included item (entered above) can be found. Include this folder or file name everywhere Choose this option to include the item from every location that Recovery Solution encounters it during a snapshot. Recovery Solution Reference Guide 179 Include only this path on Choose this option to specify that the text you entered above should be treated as a path to a specific folder or file. If you choose this option but you specify only a folder or file name without a path, Recovery Solution only includes that folder or file from the root directory of the drive. Example: if you type logfile.txt as the name of the item to include, then choose Include only this path on, Recovery Solution includes files such as c:\logfile.txt and d:\logfile.txt (depending on your drive settings below). However, Recovery Solution does not include logfile.txt files found elsewhere on a drive. All drives Choose this option to include the above path from every drive during Recovery Solution snapshots. This drive only Choose this option to include the above path only from a specific drive. Type the drive letter in the box. Rollback Data Dialog Box To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Rollback Data tab. File types to exclude from rolling back and deleting You can exclude specific file types from being restored. The excluded file types are listed. To add a file type to the list, click the Add button, and select a file type from the list. To remove a file type from the list, select the file type and click Remove. Use system defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Storage Locations Dialog Box (local mode only) To access this dialog box, open Recovery Agent Options (see View Your Recovery Agent Options on page 15) and click the Storage Locations tab. This section contains the following options: z Location for stored data on the Recovery Agent (page 180) z Adding Additional Storage Locations (page 181) z Managing Additional Storage Locations (page 181) z Managing the Temporary Retention Folder (page 182) Location for stored data on the Recovery Agent This lists the storage locations on your computer where snapshots are stored. By default, the Altiris Recovery Partition that was created when the Recovery Agent was Recovery Solution Reference Guide 180 installed is listed. If you have created other storage locations, they will be displayed as well. If the icon is a light blue disk, the location is active. If the icon is light blue but has an X through it, the location is full or is not active. If the icon is red, the location is disabled. If the icon is yellow, the location has been specified, but has not been saved. The Maximum size shows the total size of the storage location. This size is set when the partition is created. The Used space shows the combined size of all the files on the storage location. The Free space shows the amount of free space on the storage location. Adding Additional Storage Locations Note This feature is not available in the standard Local Recovery version. If you need additional space to store snapshots, you can either increase the size of the original Altiris Recovery Partition or create additional storage locations. To increase the size of the original Altiris Recovery Partition, click Resize on the General Tab to re-create the partition with a different size. For more information, see General Dialog Box on page 170. You can add additional storage locations to other hard drives on your computer. Additional storage locations have the following requirements: z It cannot exist on a system hard disk drive (HDD0) z It cannot be removable media, it must be a fixed hard drive z It cannot be a network resource, it must be a local hard drive To add an additional storage location 1. Click Add. 2. Enter or browse to the path on the other drive. 3. (Optional) If you want to limit the size of the location, clear the No storage limit check box, and enter the maximum size. 4. Click OK. 5. Click Apply. Managing Additional Storage Locations Note This feature is not available in the standard Local Recovery version. From the Storage Locations tab, you can manage additional storage locations that you have created after Recovery Agent was installed. You cannot manage the original Altiris Recovery Partition here. Instead, you must use the General Tab. For more information, see General Dialog Box on page 170. Click Edit to modify the properties of an additional storage location. Click Delete to remove an additional storage location. Recovery Solution Reference Guide 181 Note If data is on the location, you cannot delete it. Click Disable to prevent Recovery Solution from storing snapshots to that storage location. Managing the Temporary Retention Folder The Temporary retention folder specifies the path used to store temporary files during space management jobs. Use system defaults By default, the Use systems defaults checkbox is selected. When selected, the Recovery Agent uses the settings configured by the administrator or the default settings. To customize settings, clear the checkbox. To revert back to the administrator’s settings, select the checkbox. Recovery Solution Reference Guide 182 Chapter 11 Advanced Recovery Agent Tasks This section describes the following advanced Recovery Agent tasks: z Excluding Files from Snapshots (page 183) z Performing Rollbacks (page 187) z Full System Recovery Options (page 189) z Using Web-Based File Recovery (page 192) Excluding Files from Snapshots Recovery Solution lets you specify files and folders to exclude from all snapshots. To exclude files, use the Excludes Dialog Box (page 34). This section contains the following topics: z Why Exclude Files? (page 183) z Files and Folders You Should Never Exclude (page 183) z Examples of Files and Folders to Exclude (page 184) Why Exclude Files? Excluding files and folders you do not need has several advantages. z Snapshots and some restore operations are performed more quickly. z Snapshots take up less space. z Folder snapshots contain only the files you really need, making it easier to locate important data when you need to restore it. Files and Folders You Should Never Exclude Certain files and folders are required for the proper system configuration, and a Full System Recovery cannot be performed without them. In addition, some file extensions, such as .DLL, are nearly always associated with valid data. C:\, C:\DOS, C:\WINDOWS, and C:\WINNT These are boot and operating system folders necessary to start the computer. If the contents of these folders are excluded, Full System Recovery might be impossible. You should include all subfolders of the Windows folder, particularly the SYSTEM and SYSTEM32 subfolders. The only exceptions are the specific cache subfolders specified below, the contents of which you might want to exclude. C:\BOOT.INI, C:\NTDETECT.COM, C:\NTLDR These files in the root folder are needed to start Windows 2000/XP. Recovery Solution Reference Guide 183 *.BAT, *.COM, *.EXE These are program and command-line script files. *.386, *.DLL, *.DRV, *.PNF, *.SYS, *.VXD These are system files needed for proper system configuration. If they are damaged, the computer might not start. Without them, Full System Recovery is impossible. *.INI These are configuration settings. *.DOS, *.W40 On multi-boot computers, these files store information necessary to start the computer in other operating systems. Examples of Files and Folders to Exclude Below are some examples of files and folders that you might want to exclude from Recovery Solution snapshots. Read the description of each item carefully before you decide to exclude it. While most users do not need the data in these files, you might have a good reason for including them in your snapshots. Some of these files are excluded by default. Caution Even if you exclude these files from your Recovery Solution snapshots, do not delete the files themselves from your computer. Even though they probably contain no critical data, it is necessary that some of these files exist for Windows to work properly. _RESTORE Folders with this name might be created in Windows XP if you perform a System Restore using the Windows System Restore tool. The folders contain information about past System Restores so that they can be undone. Recovery Solution provides similar but more flexible functionality with the rollback feature. PAGEFILE.SYS This file is used to create virtual memory while Windows is running. It is usually stored in the root folder of drive C. Depending upon the computer’s configuration, the file can become quite large, although it does not contain any data that is saved between one Windows session and the next. WIN386.SWP Like pagefile.sys, the file win386.swp is used in Windows 98 to create virtual memory, and can become quite large. The temporary file that Windows deletes whenever the computer is shut down or restarted is win386.swp. It is usually stored in the Windows folder. 386SPART.PAR This is the Windows 3.1 equivalent of win386.swp. If you upgraded from Windows 3.1 to your current version of Windows, 386spart.par might still exist on your computer, even though it is no longer needed. Recovery Solution Reference Guide 184 Disk compression container files If you are running a disk compression program (such as DriveSpace, Stacker, or SuperStore), exclude the container files, which store the compressed information created by the programs. Example: a typical DriveSpace file is named drvspace.000; a typical compressed Stacker file is stacvol.dsk. Because the container files actually hold much of the data on an entire compressed drive, it is very likely that these files will change every day. It takes much longer for Recovery Solution to find the changes in such large files and take their snapshot than to take a snapshot of the drive itself. Simply include the letter of the compressed drive, but exclude the container files, and all data is included. Hibernation files Some computers and operating systems support hibernation that lets you turn off your computer without losing any data in memory. This is accomplished by writing the data in memory to special hibernation files, which can become quite large. Protecting these files could significantly slow down your snapshots, increase the strain on the network and the server, and in some cases prevent recoveries from working properly. You should always save your work before putting your computer into hibernation. As long as you do, the only contents of the hibernation files will be nonessential information such as the current running applications, window positions, and view settings. Listed below are some of the hibernation files used by various systems. z hiberfil.sys is used by Windows XP and Windows 2000. z hibrn8.dat is used on Compaq notebooks. z pm_hiber.bin is used on IBM notebooks. z save2dsk.bin is used on IBM notebooks. z toshiber.dat is used on Toshiba computers. C:\TEMP Some computers use this folder as a storage place for temporary files. C:\WINDOWS\TEMP or C:\WINNT\TEMP This folder stores temporary files. Substitute your own Windows folder in this path if Windows was not installed in the default folder. *.TMP Files with this extension are usually temporary files. ~*.* Files that begin with a tilde (~) are usually temporary files. Web browser cache As you browse the Web, the browser stores files, such as HTML documents and graphics files, in a cache folder on the computer. Over time, the cache folder can become quite large, sometimes containing thousands of files. These files are saved only to improve the speed of Web browsing; they are usually not needed by the browser or by you. Recovery Solution Reference Guide 185 If Microsoft Internet Explorer is your Web browser, your browser cache file is usually the TEMPORARY INTERNET FILES subfolder of your Windows folder. If the Web browser is Netscape Navigator, the browser cache is usually located somewhere within the Netscape Navigator folder. *\MSDOWNLD.TMP Folders by this name are created and used by Microsoft Web sites when you download and install software from those sites. These folders are usually created in the root of a hard drive, and they might exist on multiple hard drives. They are not needed after the software installation is complete. Internet history If you use Microsoft Internet Explorer as your Web browser, the HISTORY subfolder of the Windows folder contains information about Web sites that you have visited, allowing you to easily return to those sites later. If you do not need this information, you can exclude it from your Recovery Solution snapshots. *.GID, *.FTS, *.FTG Files with these extensions are usually cache files that are created automatically when a Help file is opened. These cache files do not store any information that is necessary to use Help. *.BAK Files with this extension are typically backup files that applications create automatically while the main data files are being edited. A *.BAK file can sometimes be used to restore the data in case the main file becomes corrupted, but because copies of the main data file are also being stored on the server, there should rarely be a need to include *.BAK files in snapshots. RB001.CAB, RB002.CAB, RB003.CAB, RB004.CAB, RB005.CAB Some versions of Windows store registry backups using these file names. Because the registry is protected during Full System Snapshots, there should be no need to include the registry backup files as well. C:\Program Files\Altiris\Recovery Solution Agent\Data\C\*.DTF These cache files are used by Recovery Solution to help speed up snapshots. Recovery Solution will re-create them if necessary. If you have more than 1 hard disk drive, you can add the additional DATA subfolders \Data\D\*.DTF, \Data\E\*.DTF, and so forth, to exclude all these files. Caution You should not exclude all .DTF files everywhere (*.DTF). This file extension is also used by other applications. Recovery Solution Reference Guide 186 Performing Rollbacks This section describes how to roll back computers to a previous state. Rollback is used to repair your operating system and applications when your computer is not functioning properly. If you can start your operating system and open the Recovery Agent Options dialog, you can use the Rollback feature. To roll back the computer from Windows, open Recovery Agent Options (see View Your Recovery Agent Options on page 15). On the Snapshot and Restore tab, click Rollback (see Rollback Dialog Box on page 187). Note You can replace all the files on your computer with the files in your Full System Snapshot. This will replace all the files on your computer with the files that were copied during your initial snapshot. You can then use the Recovery Agent to restore files from a more current snapshot. Rollback Dialog Box Use this dialog box to return part or your entire computer to the state it was in at the time of a specific Full System Snapshot. Caution You might lose some data that is currently on your computer because some of your files will be overwritten with older versions. Only use Rollback as a last resort. If the file system of a drive has been changed because the snapshot is selected for rollback (Example: from FAT to NTFS), then the drive’s boot sector is not restored during rollback. This could prevent the drive from starting after the rollback is complete. Before starting the rollback, you should close all open programs on your computer. Recovery Solution automatically runs a Full System Snapshot before the rollback starts. Therefore, closing all programs helps to ensure that the latest versions of all data files are protected. Do not perform rollbacks from Windows XP with Service Pack 1 or Service Pack 2 to a “clean” Windows XP as it may cause your computer to become unusable. Use Windows Add/Remove Programs to remove the Service Pack instead, then run rollback if needed. Notes You can only roll back your computer if your disk configuration is the same as it was at the time of the snapshot you are restoring. Example: if you changed drive letters or resized your drives since the time of a snapshot, then you cannot roll back to this particular snapshot. You cannot roll back your computer if your computer uses Windows 2000/XP disk volume sets, stripe sets, or fault-tolerant drives. There is a setting that determines whether or not files that did not exist in the snapshot you roll back to are deleted from your computer during the rollback. The default is to delete the files. In server-based mode, your administrator specifies the setting. In local mode, the setting is in this dialog box. Recovery Solution Reference Guide 187 If you were previously running Microsoft Office 97 but upgraded to Microsoft Office 2000, you should try to avoid rolling back your computer to a point in time when you had Office 97 installed. This might cause some Office files to be restored incorrectly. If you must do this, you might need to reinstall Office after the rollback is complete. If you are running Windows 2000 with Service Pack 2, and you are to roll your computer back to a previous operating system, a Windows File Protection message might appear during the rollback. You can either cancel the prompt to restore Service Pack 2 files (choosing to keep the existing files), or simply ignore the prompt altogether. Do not restore the files. If you do, your computer will be in an indeterminate state and could stop working properly. Performing a rollback could cause some evaluation software to claim that it has expired, preventing you from continuing to use the software. If your computer’s drive configuration has changed since the time of the snapshot to which you are rolling back, then the rollback restores your old drive configuration, but it is possible that one or more of your drives contains no data after the rollback is complete. To restore the data, perform a second rollback to the same snapshot you chose for the first rollback. After the rollback is complete, you might have to re-create temporary folders manually. These are usually not included in snapshots and are therefore not restored to your computer. Certain applications might require the existence of temporary folders before they will work properly. In versions of Windows that include the System Restore feature, Recovery Solution creates a restore point before starting the rollback. Before rolling back your computer, Recovery Solution automatically takes a snapshot of your computer to ensure that your most recent files are protected. After the rollback, you can restore any files you need that were overwritten by the rollback. Snapshot list: Choose a snapshot to return to. Only Full System Snapshots are listed. Notes (server-based mode) If any date and time settings are different between your computer and the server, some older snapshots might not be available for rollback. To see all available snapshots, the following settings must be identical on your computer and the server: the date and time, the time zone, the state of the option to automatically adjust the clock for Daylight Savings Time (whether this option is on or off). The snapshots performed before an upgrade will not appear in the list. Items to restore: Choose which files you want to restore to your computer. Restore system and application files only: Choose this option to restore just operating system and application files. This type of rollback will not restore data files, which are determined by file name extension. If you are not sure whether any file you wish to restore is an application or data file, check Restore all files. Note You can specify which file types are considered to be user data files or documents and will not be rolled back or deleted on the Rollback Data tab (if your administrator allowed this through the Altiris Console). For details, see Rollback Data Dialog Box on page 37. Recovery Solution Reference Guide 188 Restore all files (including your data files): Choose this option to restore data files as well as program files. All of your applications and settings will be returned to their previous state, and all of your data will be restored. Caution This option overwrites data files as well as program files. Some of your files might be overwritten with older versions. Roll back master boot record: (server-based mode only) Choose this option if you want to restore the computer's master boot record and the boot sectors of all primary partitions. The master boot record is necessary to start Windows. It contains information about the computer's disk partitions and passes this information along to other programs in order to start the computer. The partition tables themselves are not rolled back by Recovery Solution, but the program that reads the partition information is. You might want to roll it back if you suspect that it has become damaged or infected by a virus. Caution If the file system of a drive has been changed since the snapshot selected for rollback (Example: from FAT to NTFS), then the drive's boot sector is not restored during rollback. This could cause the drive from starting after the rollback is complete. Enable Rollback file deletion: Choose this option if you want to delete computer files that are not present in the snapshot you are rolling back to. Which files are deleted depends on what you choose to roll back. If you roll back only system and application files, then only system and application files that are not present in the snapshot are deleted. If you do not choose this option, no files are deleted during the rollback. Note After the rollback is complete, a text file named DELETION.LOG, stored in the computer's installation folder for Recovery Agent, contains information about which files were deleted. Continue: Click this button to continue with the rollback. See also: Rollback Error Dialog Box (page 189). Rollback Error Dialog Box This dialog box appears when errors occur during rollback. One reason you might see this message is if the server is temporarily unavailable. If you cannot fix the error, you might be able to restart the computer, and then continue with manual file restore. For more information about manual file restore, see View and Restore Protected Files on page 17. Full System Recovery Options If you take full system snapshots of your system regularly, you can perform full system recovery of your computer in case of failure. You can use a full system recovery in a variety of situations, such as fixing an operating system that cannot start or recovering data to a replaced hard disk or stolen notebook. Recovery Solution Reference Guide 189 In the case where the operating system can start, a rollback is preferable because it requires less time. Note In server-based mode, you can use the server-based Full System Recovery Wizard to create the full system recovery CD/DVD-ROMs. This section contains the following topics: z Local Full System Recovery from DVD-ROM (page 190) z Using the F11 Option in Local Mode (page 192) Local Full System Recovery from DVD-ROM You can perform a full system recovery using the DVD-ROM created using the Local Full System Recovery Wizard. The Full System Recovery Wizard lets you create bootable DVD ISO images and burn them to single-layer (4.7 GB) or double-layer (8.5 GB) DVDs, which you can later use to perform a full system recovery. To create the Recovery DVD set in local mode To start the Full System Recovery DVD Wizard, open Recovery Agent Options (see View Your Recovery Agent Options on page 15). On the Full System Recovery tab, click Create Recovery DVD to launch the Recovery DVD Wizard. Note The Full System Recovery Wizard creates large image files in the temporary folder that you specify. Depending on the amount of data on your hard drive, there must be enough space on your computer to hold these files. To create DVD-ROMs from the full system recovery images, you must use the feature of your DVD writing software that is specifically designed to extract the image information from a standard .ISO file and write it to a DVD-ROM. The option is typically called something like "Create DVD From Image File." If you simply copy the file to the DVDROM, it will not work for full system recovery. To run full system recovery from DVD-ROM Start the computer from the first disk in the Full System Recovery DVD-ROM set and follow the instructions on the screen. The Full System Recovery process runs automatically. Caution The Full System Recovery process reformats all the local hard disk drives. All existing information will be lost. The number and the size of hard disk drives on a computer at the time of full system recovery must be the same as or larger than the number and the size of drives present at the time of the full system snapshot selected for recovery. DVD drives connected to a USB or a Serial ATA controller without IDE compatibility mode are not supported for full system recovery from DVD. Recovery Solution Reference Guide 190 Local Full System Recovery DVD Wizard Tips z You can create a new full system snapshot or use an existing snapshot for Full System Recovery DVD creation. Creating a new snapshot ensures that the Full System Recovery DVD set contains all the latest data. Snapshots performed before an upgrade and some snapshots affected by the Storage Space Management job will not appear in the list of existing snapshots. z You can password-protect your Full System Recovery DVD set. In this case, you will be prompted for a password on any attempt to start Full System Recovery or to restore data manually. z The target folder for Full System Recovery images can be your local hard disk drive or, if there is not enough space, a network storage location. z If there is not enough space, you can create the Full System Recovery images one by one burning each image as soon as it has been created and deleting it after burning. z We recommend verifying the Full System Recovery images after burning. For that, use your DVD burning software feature or manually copy all data from DVD disks to a hard drive. Warning Protect your Full System Recovery media. If the Full System Recovery media becomes corrupted, the Full System Recovery process will fail and all data may be lost. Local Full System Recovery from DVD Tips z The Full System Recovery process must be started using the first created DVD disk in the Full System Recovery DVD set. After starting the computer from the Full System Recovery DVD, initiate the Full System Recovery on prompt by pressing F10 on the keyboard. If the Full System Recovery DVD set was password-protected, you will be prompted for a password. z During the first phase, all fixed local hard disk drives will be reformatted and the original disk configuration will be restored. Then, the minimal set of Windows files will be copied and the restore process will continue. This phase may take up to 30 minutes. z After a restart, all FAT32 partitions will be converted to NTFS if needed. Each FAT32to-NTFS conversion requires an additional computer restart. z The computer will be restarted to Windows and all remaining user data will be restored. If the Full System Recovery DVD set contains more than one DVD disk, you will be prompted to insert the disks one by one, otherwise the whole Full System Recovery process can run unattended. Local Full System Recovery from DVD Limitations z All fixed local hard disk drives are reformatted during the Full System Recovery process. z The number and the size of hard disk drives must be the same as or larger than the number and the size of disks present at the moment of the full system snapshot selected for Full System Recovery. z Full System Recovery DVD creation cannot be scheduled - you must launch it manually. Recovery Solution Reference Guide 191 The Full System Recovery from DVD can be performed even in case of a stolen notebook or a totally destructed hardware. For that to occur, you must replace the computer with the same model and start it from the Full System Recovery DVD. Using the F11 Option in Local Mode On Local Recovery client computers, the full system recovery can be performed by pressing F11 on the startup of a computer you want to restore. Note On some of Fujitsu Siemens Computers computer models (like LIFEBOOK), Full System Recovery can also be initiated by pressing the specially designated Recovery button. Typically, you can run a full system recovery in many cases, such as when a computer has an operating system that won’t start. It does not help in the case of a stolen notebook because all the backed up data is stored locally on the drive, unless the Altiris Local Recovery partition was located on a removable disk drive that you can use to restore your data to another computer. If you created the Local Recovery partition on a non-system disk, you can run Full System Recovery from that disk in case your system hard drive fails. Simply replace the unrecoverable system disk with disk of the same or larger size and set your computer to start from the drive that contains the Local Recovery partition to perform Full System Recovery. After the restore from the disk drive hosting the Altiris partition, you should change the startup order back to the original in computer BIOS (start from the system disk drive, to which the restore was performed). After this the Full System Recovery will proceed. The disk partitioning layout will be restored to the time of a snapshot that you selected during the Full System Recovery image creation. The following limitation applies to running Full System Recovery in case of a system hard drive failure. z If the new drive is smaller than the original one, there may not be enough space for all of the data. Using Web-Based File Recovery Recovery Solution lets you access protected data and recover files over the Internet using a Web browser from any computer. To recover files 1. Use Microsoft Internet Explorer 5.0 (or later) or Mozilla Firefox 2.0 to access http:// server/wbfr where server is the name or address of the Recovery Server. Notes If the server name contains the “_” sign, you must use the server IP address (http:/ /IP address/wbfr) to access the Web Based File Recovery page. Recovery Solution administrator can change the address of the Web-Based File Recovery web site. 2. Enter valid Recovery user credentials when prompted. Recovery Solution Reference Guide 192 3. Click the computer name in the list of protected computers. 4. Select the files and follow the instructions on the screen to restore. Notes For the Web-Based File Recovery feature to become available, Microsoft Internet Information Server (IIS) must be installed and running on the Recovery Server computer during server setup. If IIS was not installed on the server, or if Web-based file recovery was not automatically configured for any other reason, then it can be configured manually. The Recovery Solution administrator can disable the Web-based File Recovery access for users. Before accessing the Web-Based File Recovery page, you must ensure that the latest version of Microsoft Java Virtual Machine or Sun Java Runtime Environment is installed (downloadable at http://java.com/en/download/). Caution If a user runs Web-based file recovery from a computer that is accessible to other users, then when Web-based file recovery is complete, all browser windows should be closed in order to clear cached password information from the browser. If any browser windows remain open, then it may be possible for someone else to browse to the server without entering any credentials, and access the original user’s data. Note If you are running Windows 98, Recovery Solution writes events to the Recovery Solution event log instead. For more information, see Using Recovery Solution Event Viewer on page 193. If you are in Windows 98, click Application from the Log menu to display the Application event log. , or Delete Event Log in the Windows 98 Recovery Solution Event Viewer, and on Windows 98 computers the file will be removed from your computer Using Recovery Solution Event Viewer If you are running Windows 98, the Recovery Solution Event Viewer is automatically installed with Recovery Solution. This tool lets you view the Recovery Solution event log. The event log stores Recovery Solution events. An event is an important occurrence that is caused by Recovery Solution or that affects Recovery Solution somehow. Examples include successful snapshots, security data, and error messages. The Event Viewer window allows you to view, print, or delete the event log, or to save it under a different name. You work with the entire log at once. You cannot change or delete individual entries. However, you can open and save the event log to a file in text format so it can be opened in any text editor. For a description of each of the log entry fields, see the description of the Event Details Dialog Box on page 198. Recovery Solution Reference Guide 193 Note If you are running Windows 2000/XP, Recovery Solution writes events to the Windows Application Event Log. Event Log Menu How to Print the Event Log From the Event Viewer Log menu, click Print. Log Menu: Open Opens an event log file. If you have copied or renamed an event log file, you might have several of them on your disk. When you start the program, Recovery Solution Event Viewer opens the default log file. Use the Open command to open a different file. You cannot use the Event Viewer to view an event log file that was saved in ASCII text format; use a text editor, such as Notepad, instead. Open is also on the Event Viewer toolbar. Log Menu: Save As Saves the event log in one of the two formats: z As a Recovery Solution event log file, readable in the Event Viewer. z As a comma-delimited ASCII file formatted for importing into a database or a spreadsheet, readable in a text editor. Saving the event log file under another name does not affect the current event log. If you want to start a new event log, you can rename the event log file. Recovery Solution automatically creates a new file with the default name when it needs to write another event. Note To save the log file with an extension other than .EVT or .TXT, choose the file type from the list, and then type the file name in quotation marks. Save As is also on the Event Viewer toolbar. KEYBOARD: Ctrl+S Log Menu: Delete Event Log Deletes the entire event log from your computer. Because the event log can become very large, you might want to do this occasionally. You cannot edit the event log or delete individual events within the Event Viewer window. However, before deleting it, you can move or rename the event log file in Windows, or from the Event Viewer window, you can save it under another name. When you click Delete, the opened event log file is immediately deleted. Recovery Solution automatically creates a new file with the default name when it needs to write another event. Recovery Solution Reference Guide 194 Delete Event Log is also on the Event Viewer toolbar. KEYBOARD: Del Log Menu: Print Prints the entire event log. Windows displays a Print dialog box in which you can set printing options or choose a printer before sending the print job. Print is also on the Event Viewer toolbar. KEYBOARD: Ctrl+P Log Menu: Exit Closes the Recovery Solution Event Viewer. KEYBOARD: Alt+F4 KEYBOARD: Alt+X View Menu View Menu Toolbar Shows or hides the Event Viewer toolbar. The toolbar contains buttons for common Event Viewer commands. Open: Opens an event log file. Save As: Saves the current event log to a new file. Print: Prints the current event log. Find: Searches for specific events. Filter Events: Limits what events are displayed in the Event Viewer window. Delete Log: Removes the current Recovery Solution event log from your computer. Event Details: Displays more detailed information about the selected event. View Menu Status Bar Shows or hides the status bar at the bottom of the Event Viewer window. The status bar displays the following information: z A brief help message: This area of the status bar displays brief help messages about commands as you work in the Event Viewer window. Example: if you rest the Recovery Solution Reference Guide 195 mouse pointer on a toolbar icon or a menu command, you will see a description of that command in the status bar. z The total number of events the log currently contains: This area of the status bar displays the total number of events that the currently open event log contains. z The total size of the event log file: This area of the status bar displays the total size (in KB) of the currently open event log file. View Menu Options Filter Events Limits the events displayed in the Event Viewer window. You can filter events based on any combination of the event log fields. Filter Events is also on the Event Viewer toolbar. Find Searches for specific events in the currently open event log. You can search on any combination of the event log fields. After finding an event, you can search for the next event that matches the same criteria by using the Find Next command. Find is also on the Event Viewer toolbar. KEYBOARD: Ctrl+F Find Next Searches for the next event that meets the criteria of your last search. KEYBOARD: F3 Event Details Displays detailed information about the selected event. All information is read-only. Event Details is also on the Event Viewer toolbar. KEYBOARD: Enter You can also open the Details dialog box by double-clicking an event date in the list. Refresh Updates the information in the Event Viewer window. If events occur while the event log is open, you will need to click Refresh to force the Event Viewer to update the information. KEYBOARD: F5 About Recovery Solution Displays license and version information about Recovery Solution. Recovery Solution Reference Guide 196 Event Viewer Dialog Box Find To open this dialog box, click Find in the Event Viewer’s View menu. Use this dialog box to search for events that match the criteria you give. You can specify any combination of criteria listed below. z Type Information Warning Error Success Audit Failure Audit z Description z Computer z User z Source z Find For more information, see Event Viewer Elements on page 197. Filter To open this dialog box, click Filter in the Event Viewer’s View menu. Use this dialog box to limit the events displayed in the Event Viewer window. You can specify any combination of criteria listed below. z Type Information Warning Error Success Audit Failure Audit z Description z Computer z User Event Viewer Elements Recovery Solution Reference Guide 197 Event Details Dialog Box To view the details of an event, select the event and click Event Details from the Event Viewer View menu. You cannot change any of the information in this dialog box. Date: The date the event occurred. Time: The time the event occurred. Type: The category into which this event falls. The following are the event types. Information Warning Error Success Audit Failure Audit Source: The part of the program that caused the event. User: The username of the person who was logged on to the computer when the event occurred. Computer: The name of the computer on which the event occurred. Description: Detailed information about the event. System Error: An error message generated by the operating system that is associated with the event you are viewing. This field only appears if there is a system error associated with the event. It appears below the Description field. Close: Click this button to close the dialog box. Previous: Displays the details of the previous event in the list. (In the default sort order, this is the next chronological event.) This button shows the previous visible event. If events are filtered, you will not see the ones that are not being displayed. Next: Displays the details of the next event in the list. (In the default sort order, this is the previous chronological event.) This button shows the next visible event. If events are filtered, you will not see the ones that are not being displayed. Troubleshooting the Event Viewer Troubleshooting: Event Log Needs Information If you are running the Recovery Agent under Windows 98, the event log is probably empty, in which case the file might not even exist. The event log might be empty for any of the following reasons. z You just installed the Recovery Agent and no events have yet been logged. z You recently renamed or deleted the event log. The log file will be re-created the next time an event occurs. Recovery Solution Reference Guide 198 Scheduling Snapshots to Run When Your Computer is Idle If desired, you can have snapshots run while your computer is in an idle state. When activated, the “snapshot on idle” option causes a snapshot to run after a specified amount of idle time (time with no mouse or keyboard input to the computer). In serverbased mode, the default idle time is four minutes, and in local mode, the default is six minutes. To activate the “snapshot on idle” option, click the Snapshot Schedule tab, and select the As soon as computer goes into idle state check box. After the snapshot starts, it will run to completion unless you cancel it manually. Even if the snapshot is already running, you can resume working on the computer without affecting snapshot progress. A snapshot is started only if there is one scheduled to take place at the same time or later on the same day, or if the end time for yesterday’s snapshot has not yet been reached. No snapshot is started if the scheduled snapshot time has passed, even if no snapshot took place during the scheduled period. Only one scheduled snapshot is taken each day, no matter how many times the computer is turned on. Additionally, no snapshot is started on idle if another Snapshot Schedule option has already caused a snapshot to run (see Snapshot Schedule Dialog Box on page 24). These options include the following. z Take each day’s snapshot as soon as user turns on the computer z Take each day’s snapshot as soon as user resumes the computer z Take each day’s snapshot as soon as user docks the computer Recovery Solution Reference Guide 199 Part III Recovery Solution Technical Reference This part contains the following chapters: z Recovery Solution Troubleshooting (page 201) z Recovery Agent Troubleshooting (page 227) z Technical Reference (page 253) z Hard Disk Support (page 297) Recovery Solution Reference Guide 200 Chapter 12 Recovery Solution Troubleshooting Use the information in this section to solve problems you might encounter with Recovery Solution. Be sure to also read Release Notes for important information that might not have made it into the documentation. You can also review Product Limits on page 253 to view information about a few of the things that Recovery Solution is not designed to do. If you cannot find the information you need, you can visit the support page at www.altiris.com. z Troubleshooting Resources (page 201) z Installation Troubleshooting (page 206) z User Account & Logon Problems (page 211) z Data Protection & Recovery Troubleshooting (page 213) Troubleshooting Resources This section describes other resources you can use when troubleshooting problems with Recovery Solution. z Event Logs (page 201) z Using the Windows 98 Event Viewer (page 202) z File Version Details (page 205) Event Logs An event is an important occurrence that is caused by Recovery Solution or affects Recovery Solution in some way. Examples include security data and error messages. Different Recovery Solution components report information in several log files. z Recovery Solution Setup, Recovery Solution Cluster Creation Wizard and Altiris Console report events into the Notification Server log that you can view at http:// <server name>/Altiris/NS/LogView.asp. z Recovery Solution Agent Setup logs events into the agent installation log (AexCRAS.log) found on client computer. z Recovery Server Setup logs events into the server installation log (AexCRSS.log) found on the server computer in %ProgramFiles%\Altiris\Recovery Solution\Server folder by default. Both Recovery Solution and Recovery Agent write events to an event log. In Windows 2000/XP, events are written to the Windows Application event log. System events might also affect or be affected by Recovery Solution. In Windows 9x/Me, events are written to an event log file maintained by Recovery Solution. Viewing the appropriate event logs is a good way to help troubleshoot Recovery Solution. You should make a note of the Recovery Solution Reference Guide 201 information that gets logged when problems occur. This information can greatly assist systems engineers and any other technical support staff you might contact for help. To view event messages on the server 1. From the Windows Start menu, click Administrative Tools (Common). 2. Click Event Viewer. 3. From the Log menu, click either Application or System to view each event log. To view event messages on a protected computer 1. Open Recovery Agent Options. 2. On the General tab, click Events Log. For details about an event, double-click it in the list, or highlight it and press ENTER. Note If an event reported by Recovery Solution is associated with a system event reported by Windows or an operating system component, then the System Event Code of the Windows event is reported along with the other event information. System events are documented by Microsoft. The system events associated with Recovery Solution are frequently reported by the following Windows components. The typical system event codes listed below are meant only as a guide; it is possible that these components could report other codes and that these codes could be reported by other components. Windows Components Typical System Event Code DCOM Starts with 0x8004. Windows Starts with 0x8007. RPC Starts with 0x8008. Using the Windows 98 Event Viewer This section describes the Event Viewer installed with Recovery Solution on Windows 98 computers. Note The Windows Event Viewer used on Windows 2000/XP computers is an operating system component (see Windows Help for instructions on using it). See also: z Event Details (page 203) z Finding Specific Events (page 203) z Saving Events to Other Files (page 204) z Clearing the Event Log (page 204) z Automatically Overwriting Events (page 204) Recovery Solution Reference Guide 202 Event Details Some information about each event is displayed in the main Event Viewer window. For complete details on an event, select it in the list, then from the View menu, click Event Details. The following information is associated with each event. z Date This is the date on which the event occurred. z Time This is the time of day at which the event occurred. z Type The category into which this event falls. The following are the event types. Information Something that occurred without any problems. Warning A potential problem that might prevent the program from performing as expected. Error A problem that prevented the program from performing as expected. z Source This is the part of the program that caused the event. z User This is the user name of the person who was logged on to the computer when the event occurred. z Computer This is the name of the computer on which the event occurred. z Description This is detailed information about the event. z System Error If an error message generated by the operating system is associated with this event, the system message is displayed here, below the main description. Otherwise, this field does not appear. Finding Specific Events You can locate specific events in the event log in the following ways. z On the View menu, click Filter Events to limit the events displayed in the Event Viewer window. You can filter events based on any combination of the event log fields. Leave a field blank if you do not want to filter on it. z On the View menu, click Find to search for specific events. You can search on any combination of the event log fields. Leave a field blank if you do not want to search on it. Recovery Solution Reference Guide 203 After finding an event, you can search for the next event that matches the same criteria by using the Find Next command. Saving Events to Other Files If the event log gets too full but you do not want to delete the events, you can save the log under a different file name. Use the File menu Open and Save As commands to work with event log files other than the default. You can then clear the main event log. You also have the option to save the event log as a comma-delimited ASCII text file formatted for importing into a database or a spreadsheet. Simply click this option from the Save as type list when saving the file. Note You cannot use Event Viewer to open an event log file that you saved in text format. If you want to be able to view the event log file from within the Event Viewer, save it as an event log file. Clearing the Event Log You can clear the event log at any time. You might want to do this to if the file becomes too large. You can view the file size and the number of events in the file from the status bar. When you clear the event log, all events are deleted, and the file is removed from the computer. You cannot delete just a portion of the event log, but you can rename the event log file instead of deleting it, or you can save the event log under a different filename before you delete it. To clear the event log 1. From the Log menu, click Delete Event Log. 2. Follow the confirmation prompts on the screen. Automatically Overwriting Events Because the event log can grow quite large, you might want to limit its size. You can configure the Event Viewer to automatically overwrite old events as new ones occur. To configure the Event Viewer to overwrite events 1. From the Windows Start menu, click Run. 2. Type REGEDIT.EXE and then click OK. Caution Be extremely careful when using the Registry Editor. If you accidentally change or delete the wrong values, the computer could stop working properly. You might want to print the Registry Editor Help topic To restore the registry before making any changes. This topic describes how to revert to an old version of the registry if the computer will not start. 3. Browse to the following registry location. HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\eXpress\Recovery Solution Agent\EventLog Recovery Solution Reference Guide 204 4. If you do not see an Overwrite Mode value in the right-hand pane, then click the Edit menu, click New and then click DWORD Value. Type Overwrite Mode. 5. Select the Overwrite Mode value. 6. From the Edit menu, click Modify. 7. Under Value data, specify one of the following. 0 This tells the Event Viewer to overwrite events as needed. The log size will not exceed the maximum size specified by the Maximum Log Size registry value (default 128 KB). 1 This tells the Event Viewer to overwrite events that are older than the number of days specified in the Overwrite Days registry value. 2 This tells the Event Viewer to never overwrite log events. Caution If you specify this option, there is no limit to the size of the event log file. The file could eventually grow to fill all of the remaining space on the drive. If you want to keep all old events, you should periodically archive the event log file and delete it from the local drive. 8. Click OK. 9. Repeat the above procedure to create or edit the following values as appropriate. Note While editing values, be sure you specify Decimal for the Base option, unless you truly intend to enter the numbers using hexadecimal notation. If you chose to overwrite log events as needed and you want to change the maximum size for the log file, repeat the above procedure to create or edit the value named Maximum Log Size, and specify the maximum number of kilobytes (KB) you want the file to consume. 10. If you chose to have overwrite log events after a specified number of days, repeat the above procedure to create or edit the value named Overwrite Days, and specify the maximum number of days for which you want Recovery Solution to store events in the log. File Version Details You can view detailed version information about most of the program files for any component of Recovery Solution (server, console, or agent). This information might be useful if you need to obtain product support. When you first install Recovery Solution most of the file version numbers probably match, but this could change if you apply updates to your installation. Recovery Solution Reference Guide 205 To view detailed program file information At any computer with any component of Recovery Solution installed, browse to the installed program files folder for Recovery Solution and run the program AeXVer.exe. On protected computers, file version details for Recovery Agent can also be viewed from the Options dialog box, by choosing the General tab, the About Recovery Solution link, and finally the Details button. To save the program file details to a text file 1. While viewing program file details, from the File menu, click Save As. 2. Specify a filename and then click Save. Installation Troubleshooting Use the information in this section to solve problems you might encounter while installing or getting started with Recovery Solution. z Server Installation Troubleshooting (page 206) z Troubleshooting User Installations (page 208) Server Installation Troubleshooting This section provides troubleshooting tips for installing the server. Choose the item that best describes the problem you are having, or scroll down to browse the information. z After installation, W3SVC warnings appear in System event log (page 206) z If Recovery Server uninstall encounters an error, uninstall rollback may fail (page 207) z Altiris Recovery Server service error message after completing a Recovery Solution Server upgrade (page 207) z Recovery Server upgrade hangs with “Upgrade in progress” status forever (page 207) z Recovery Solution tasks are non-fuctional after aggregation of legacy servers (page 208) z Altiris Recovery Solution Server cannot be installed because 8.3 file names creation is disabled (page 208) After installation, W3SVC warnings appear in System event log After Recovery Solution Server is installed on a computer with IIS, whenever Windows is restarted the System event log on the server might log warnings that the Web shares for Recovery Solution could not be created. In fact, the shares are created and you can safely ignore these warnings. If you would prefer to eliminate the warnings, you must edit the security properties of the shared folders to grant the computer’s SYSTEM read access. By default, the shared Web folder for Recovery Agent Setup is: Recovery Solution Reference Guide 206 C:\Program Files\Altiris\Notification Server\Client Recovery Server\Agent\AgentWeb and the shared Web folder for Web-based file recovery is: C:\Program Files\Altiris\Notification Server\Client Recovery Server\WBFR. If Recovery Server uninstall encounters an error, uninstall rollback may fail If Recovery Server is brought to unusable state after uninstall rollback encounters an error, you can try these steps to complete the server uninstall. Try uninstalling Altiris Recovery Solution Server via Control Panel > Add/ Remove Programs on the Recovery Server machine. Initiate Recovery Server Install on the same machine from Altiris Console and try uninstalling later again. Altiris Recovery Server service error message after completing a Recovery Solution Server upgrade After the setup program for Recovery Solution Server is complete, you see the following error message in the server event log: “Service 'Altiris Recovery Solution Server' (Altiris Recovery Solution Server) could not be installed. Verify that you have sufficient privileges to install system services.” You should check the AeXCRSS.log file created by the server installation for the following message: “Setup has detected that version of selected Altiris Recovery Solution Cluster is older than version of this Recovery Solution Server installation package.” Note For instructions on locating the log file, see “After Server Installation Is Complete” on page 41. The error may occur, if the Microsoft Services MMC snap-in widow was open on the server during upgrade. This causes upgrade to fail when replacing the Recovery Solution Server service components. If this occurs, close the Services window and other running applications on the server and retry running the Recovery Solution Server Install. Recovery Server upgrade hangs with “Upgrade in progress” status forever After starting Recovery Server upgrade never ends as the server status is shown as "Upgrade in progress” on the Recovery Solution Servers in this Cluster page. Accelerate Scheduled Snapshot and Full System Recovery Wizard functionalities may fail with error saying that no available server is found. The problem may appear if Recovery Server upgrade occurs while Notification Server is offline. The workaround for this problem is to uninstall the Recovery Server for which the status cannot be updated and to install it again using the corresponding policies. Recovery Solution Reference Guide 207 Recovery Solution tasks are non-fuctional after aggregation of legacy servers Recovery Solution tasks (such as Manage Protected Data, Disable or enable account, Full System Recovery image creation) may become non-functional after an aggregation of a remote legacy Recovery Server and a Notification Server has already been running Recovery Solution with a not yet upgraded Recovery Server. Upgrading local Recovery Server should resolve the issue. Altiris Recovery Solution Server cannot be installed because 8.3 file names creation is disabled 8.3 file names creation must be enabled on a computer before installing the Recovery Solution server, otherwise the error "Altiris Recovery Server cannot be installed because 8.3 file names creation is disabled" will appear during installation. The '8.3 file names creation' can be enabled the following way: Registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem Parameter: NtfsDisable8dot3NameCreation Type: string Set this value to 0 to enable 8.3 name creation. Troubleshooting User Installations Listed below are some of the potential problems users might experience when trying to install Recovery Agent. Choose the item that best describes the problem you are having, or scroll down to browse the information. z Altiris Local Recovery Agent Registration fails (page 208) z Error message appears during Recovery Agent Setup (page 208) z User account not validated (page 209) z Setup does not run properly (page 210) z Applications will not start after agent install (page 211) Altiris Local Recovery Agent Registration fails Local client registration can fail after installation with error 0x80004005 or 0x80070057 if Windows default temporary folder (%WINDIR%\Temp) is missing on the client computer. The workaround is to recreate the Windows Temp folder. For information, see Microsoft Knowledgebase article 251254. Error message appears during Recovery Agent Setup Script error appears in browser when user tries to install Recovery Agent from Web-based Setup wizard Recovery Solution Reference Guide 208 z The server might be running an earlier version of Microsoft Internet Explorer. Internet Explorer 5.0 or later is required. z The user might be running an earlier version of Microsoft Internet Explorer. Internet Explorer 5.0 or later is required. z If Microsoft SQL Server on the server is running under the SYSTEM account or another account that is not part of the AeXRS_Users group on the server, this user must be added to AeXRS_Users before the Web installation can be accessed. An administrator can make this change using Web Console. z "Page not found" error appears in browser when user tries to access Altiris Recovery Agent Setup Wizard or Web Based File Recovery page on Windows 2003 Server. To resolve this problem, change the status of Active Server Pages to Allowed in the Web Service Extension list in IIS 6.0. For more information about, visit the Microsoft Support Web Site. “Cannot read the Windows registry” error This could happen if the Windows computer name of the server does not match the Domain Name System (DNS) host name in its TCP/IP properties. One of these names should be changed to match the other. User account not validated Setup package prompts for credentials but does not accept them If the server is using Windows domain security, and the user installing the software is not a user (has never used the Recovery Agent on the computer), then the /User parameter and account credentials must be specified on the command line. Users unable to reinstall using their previous accounts z If the server is using Windows domain security, and the domain structure has been changed in such a way that a user’s original installation account or the domain containing it has been moved or renamed, then reinstallation requires one of the following. z For users reinstalling through the Web-based Setup wizard, an account with the user’s original username and password must exist in the domain containing the server, or in a trusted domain. Under certain situations, a user might see a message saying that the installation cannot be performed because there is more than one protected computer with that user name. This could happen if the server is using Windows domain security and different accounts were reinstalled to the same computer. To resolve the conflict, an administrator must locate the user’s conflicting accounts within the console. This might be easiest to do using the Protected Users list. The administrator must then do one of the following. Rename the computer that is not being used for the reinstallation. Delete the account that is not being used for the reinstallation. This can be done by selecting the protected computer, then from the Action menu or the context menu, choosing Mark For Delete, then Computer Account. The account is deleted during the next deletion or server space management job. For instructions on scheduling these jobs, see Configuring Server Job Schedules on page 98. Recovery Solution Reference Guide 209 Caution Deleting an account also deletes all protected data associated with that account. User with expired password is prompted to change it during Web installation, but then installation stops This appears to be an issue with the way Internet Explorer handles account authentication. If a user’s password has expired, it should be changed through Windows before installing Recovery Agent. Setup does not run properly After user chooses to let browser run installation automatically, file downloads, but nothing happens z Check the available disk space on the user’s computer. There should be free space equal to at least 3 times the size of the installation files to allow for the creation of temporary files during the browser download and the installation. If there is not even enough disk space to download the file, browser limitations might prevent the problem from being reported, but the installation will fail to run. z If the user is running Windows 2000/XP, see the server detection problem description. During SMS deployment, Setup runs twice This could happen during installation on a Windows 9x computer, if operating system components such as DCOM or Dial-Up Network need to be updated. To fix the problem, the person configuring SMS can do one of the following. z Create separate deployment packages for each operating system component, and deploy them before deploying Recovery Agent. This is the recommended fix, since deploying all components in the same package could potentially result in an incorrect installation status being reported to the SMS server. z Make a change to the SMS program properties for the distribution package. On the General tab, for the After running option, click Program restarts the computer. The automatic upgrade fails. The following are potential causes of this problem. z If the user who is logged on at the time the upgrade starts is not an authorized user of Recovery Solution, the upgrade might fail. To fix the problem, the user can be added to the user group for Recovery Solution (AeXRS_Users by default), or someone else can log onto the protected computer as a valid user of Recovery Solution, and let the upgrade run again. You can cause the upgrade to start by simply browsing the computer’s protected files. z The Setup files for the upgrade are downloaded to the TEMP subfolder of the installed program files folder for Recovery Agent (C:\Program Files\Altiris\Recovery Solution Agent). If there is not enough disk space on this drive, the upgrade could fail. z If Windows System Restore is used to return a protected computer to a point at which a previous version of Recovery Agent was installed, the automatic upgrade does not re-upgrade Recovery Solution to the current version. In this case, a reinstallation of Recovery Agent must be performed, using the computer’s existing account. Recovery Solution Reference Guide 210 z If the automatic upgrade of a Windows 2000/XP protected computer is interrupted (Example: if the computer is restarted during the upgrade), the software is unable to repair itself. If this happens, the user should reinstall Recovery Agent using the computer’s existing account. z If you are upgrading from Recovery Solution version 2.2 or earlier, and the protected computer’s IP address has changed since its most recent contact with the server, then the server cannot contact the protected computer to start the upgrade. This is most likely to happen if the protected computer is configured to use a dynamic IP address. To correct the problem, an administrator can go to the server and run the “RefreshClientsIP.exe” file from the installed program files folder. This updates the IP addresses of all protected computers in the database. If you the upgrade is being done gradually (a few computers at a time), the program can be run as many times as needed until all protected computers have been upgraded. Before running it, the administrator must make sure that (1) the server specifies the correct settings for your DNS server in its TCP/IP properties (if applicable), and (2) each protected computer’s DNS host name matches its Windows computer name. Alternatively, a user at a protected computer can start a snapshot manually, which will cause the protected computer to send its updated information to the server. After reinstallation from command line, Recovery Agent does not work This can occur if the server is running in Windows domain security mode, and no domain was specified as part of the installation command. In this case, it is impossible to configure Recovery Agent options or initiate a snapshot after reinstallation. To solve this problem, you can do either of the following: z Run the installation command again as described in Recovery Agent Setup Command Line, being sure to specify the domain parameter. z Reinstall Recovery Agent using the Web-based Setup wizard. Applications will not start after agent install After the Recovery Agent has been installed, the computer must be restarted. If the computer is not restarted, applications may not start properly. User Account & Logon Problems This section provides information on the following topics: z Protected Computers Cannot Connect to Server (page 211) z User Logon Issues (page 212) z Protected users cannot be authenticated (page 213) Protected Computers Cannot Connect to Server If protected computers receive errors when trying to connect to the server, check the following. z If the address of the cluster is changed, you must change the cluster address on the general tab of the Recovery Solution cluster configuration page (Configuration > Solution Settings > Incident Management > Recovery Solution > Recovery Solution Clusters > Recovery Solution Cluster Configuration). Recovery Solution Reference Guide 211 z If the protected computer connects to the server via a Dial-Up or Virtual Private Networking (VPN) connection, and any of these remote networking settings have recently changed on the computer, it might have affected the ability of the computer to communicate with the server. You can use Recovery Solution to return the settings to a previous state. Each time a protected computer starts, Recovery Solution saves the computer’s Dial-Up Networking settings in a snapshot that is stored locally on the protected computer. These settings can be restored without making a connection to the server. To access snapshots of network settings, the user clicks Network Settings Snapshots from the context menu of the desktop or system tray icon for Recovery Solution. This opens a window from which snapshots can be managed. Before restoring settings, it is a good idea to first save the current settings so that they can also be restored if necessary. Then any previously saved settings can be restored. z The DCOM configuration of either the server or the protected computer might not be correct. For information about checking the DCOM configuration settings, see DCOM Configuration on page 266. z If there is a firewall between a protected computer and the server, it must be configured to let DCOM traffic through. For documentation about DCOM and how it works with firewalls, visit the Microsoft Web site (http://www.microsoft.com). User Logon Issues Under certain conditions, Windows 2000 running on the server counts all connections from Recovery Agent as invalid logon attempts, even if the account is authenticated properly. This can occur if the protected computer is running Windows 98 SE. Depending on the account policy settings in place on the server, it is possible under these conditions for an account to become locked out without any failed logon notifications to the user. Recovery Solution connects to the server whenever Windows starts, so if the user restarts the computer several times in a short period, the limit for invalid logon attempts might be reached, and the account locked out. Possible symptoms of this problem that might appear to the user include the following. z Manual snapshots cannot be run. The user is prompted for logon information, but the credentials are never accepted. z The user cannot browse protected files. z The main folder in Windows Explorer cannot be expanded. Trying to open the protected files folder in its own window causes Windows to display an Action canceled Internet Explorer page. When trying to view options for Recovery Solution, the user sees a message saying that the schedule settings cannot be displayed. If a user encounters these problems, check the System event log on the server to see if the account is being locked out. If it is, you can change the user’s account so that it is not disabled and then have the user restart the protected computer. To prevent this problem in the future, you might consider changing the account policy to allow more bad logon attempts and/or to reduce the reset time. Recovery Solution Reference Guide 212 Protected users cannot be authenticated Domain users become a member of the Recovery Solution user group (AeXRS_Users) by default on the Altiris Recovery Solution Server service startup. If, e.g. because of a network connection problem, your domain controller is unavailable as the service starts, then your protected users will not be able to authenticate on the Recovery Solution server. To fix the problem, verify that your domain controller is available and restart the Altiris Recovery Solution Server service. Data Protection & Recovery Troubleshooting Use the information in this section to solve problems you or Recovery Agent users might encounter while protecting or recovering data. The topics below describe specific problems you might need to resolve. If you suspect other problems with the protected data that is stored on the server, see Configuring Server Job Schedules on page 98. z Snapshot & File Restore Troubleshooting (page 213) z Full System Recovery Troubleshooting (page 216) z Rollback Troubleshooting (page 224) Snapshot & File Restore Troubleshooting The following are some specific problems that might occur during snapshots. Choose the item that best describes the problem you are having, or scroll down to browse the information. z Snapshot Schedule for Certain Computers do not Run (page 213) z User Cannot Log On to Start Snapshot (page 214) z Job Cannot Be Submitted (page 214) z Protected computer drives missing from snapshots (page 214) z User Cannot Browse Protected Files (page 214) z User Cannot Access a Different Account Via Web-Based File Recovery (page 214) z Snapshots Fail Because Server Clocks Are Not Synchronized (page 215) z General Snapshot & Recovery Problems (page 215) z Short File Names Restored Incorrectly on FAT32 Partition (page 215) Snapshot Schedule for Certain Computers do not Run If the protected computer is running Windows XP or Windows Me, its connection to the server could be hampered by the Windows connection firewall, which prevents the server from reaching the computer. If the protected computer is behind a corporate firewall, or on a VPN connection to a network that has a firewall, it is probably protected by that firewall, so the user can Recovery Solution Reference Guide 213 usually turn off the personal firewall. Assuming that the server is on the same network, this should allow all features to work properly. Note Internet Connection Sharing uses the Windows firewall by default, so if the protected computer uses Internet Connection Sharing then you could run into the same problem. User Cannot Log On to Start Snapshot For more information, see User Logon Issues on page 212. Job Cannot Be Submitted z In Windows 2000/XP, one cause of this error is that the drive that contains the files being protected uses the NTFS file system, and the local SYSTEM account on the protected computer does not have full access to the drive. Recovery Solution uses this account to read and write data. To fix the problem, make sure that the SYSTEM account has access to the drive. z If multiple users report this problem at the same time, it might be an issue with the server. Try to restart the server, following the instructions in Stopping and Starting the Recovery Solution Server Service on page 289. Protected computer drives missing from snapshots If some files or drives are missing from a snapshot, if may be because the protected computer’s disk configuration changed. If the disk configuration changes on a protected computer, Recovery Agent should be reinstalled using the existing account to ensure that the updated drives are protected. Following are some of the specific disk configuration changes that might require reinstallation of the software. z A hard drive is added to or removed from the computer. z A drive is resized. z A hard drive letter is changed. z A drive’s file system is changed (Example: from FAT to NTFS). User Cannot Browse Protected Files For more information, see User Logon Issues on page 212. User Cannot Access a Different Account Via WebBased File Recovery Under some circumstances, Web browsers can obtain valid logon credentials without prompting the user for them. This could make it difficult for the user to access protected files that are stored under a different account name. The Web-based file recovery logon prompt might not appear if any of the following conditions are true. Recovery Solution Reference Guide 214 z The user has already accessed Web-based file recovery during the same Web browser session. Even if the user chooses the Log Off button, the credentials are not necessarily cleared from the browser’s cache, so returning to the page might not require another logon. z The user is running Internet Explorer, and the user’s logon credentials for Windows are the same as those for Recovery Solution. In this case, Internet Explorer just uses the Windows credentials without prompting for a logon. If a logon prompt is required (Example: if the user wants to access protected files that are stored under a different account name), then the user can do one of the following. Log onto Windows using different credentials. Access Web-based file recovery using Netscape, which is available for free from the Netscape Web site (http://www.netscape.com). Snapshots Fail Because Server Clocks Are Not Synchronized If computers’ clocks on two or more Recovery Servers in a cluster are unsynchronized, snapshots may fail. You must ensure that server clocks are synchronized. If Recovery Server computer is a member of a domain, its computer clock can be synchronized automatically by a network time server. If Recovery Server computer is not a member of a domain, the computer’s clock may be automatically and regularly synchronized by an Internet time server. To quickly synchronize computer’s clock with that of another Recovery Server computer, open a command prompt on the server and enter the following command: NET TIME \\computername /SET General Snapshot & Recovery Problems If the server is running MSDE (the lite version of Microsoft SQL Server), then the number of SQL Server connections used by Recovery Solution should not be set to anything greater than 5. If too many simultaneous connections are allowed, certain tasks could fail. For instructions on setting the number of connections used by Recovery Solution, see Licensing Recovery Solution on page 44. Short File Names Restored Incorrectly on FAT32 Partition If you restore files on FAT32 partition on Windows Vista or XP 64-Bit Edition, the short file names may be different from the originally backed up short file names. This is a current FAT32 limitation. File restore on an NTFS partition works properly with short file names. Recovery Solution Reference Guide 215 Full System Recovery Troubleshooting This document contains troubleshooting information you can use in case a Full System Recovery does not work properly. For instructions on performing a Full System Recovery, see Running Full System Recovery on page 143. Choose the item that best describes the problem you are having, or scroll down to browse the information. z Disk space error appears during Full System Recovery disk creation (page 216) z Full System Recovery does not start properly (page 216) z Error appears during Full System Recovery (page 217) z Full System Recovery fails when creating disk structure (page 220) z Full System Recovery incomplete, but no error appears (page 220) z Problems occur after server upgrade (page 221) z Error appears after Full System Recovery (page 221) z Recovery Agent not working after Full System Recovery (page 222) z Files missing or outdated after Full System Recovery (page 222) z Full System Recovery stalls (page 222) z Full System Recovery CD-ROM failure (page 222) z Full System Recovery and Windows 98 with Symantec Antivirus (page 223) z Cannot Cancel Restore of Folder (page 223) z Norton AntiVirus Security Warning (page 223) z Account Disabled After Full System Recovery (page 223) z Recovery Fails on Computers with Phoenix nForce 6A61CPAAC-00 BIOS (page 224) z Full System Recovery fails on HP NetServer LC2000 (page 223) Disk space error appears during Full System Recovery disk creation Make sure that the network share for Full System Recovery has free disk space equal to the total size of the CD/DVD-ROM images plus the maximum amount of data for a single CD/DVD-ROM (depending on the capacity of your blank CD/DVD media). Full System Recovery does not start properly Computer starts normally, but nothing else happens After the computer starts, run the Full System Recovery program (RNDM_DR.EXE) at the command prompt. If the program still does not start, create a new Full System Recovery disk. Temporary operating system does not start If the operating system appears to have been copied correctly but it does not start, it is possible that the disk partition or drive information was not restored correctly. Example: some types of computers use a special utility partition that is stored at the beginning of Recovery Solution Reference Guide 216 the hard disk. If this partition is not restored correctly, the temporary operating system might not be able to start. To correct the problem, you can use a disk partition tool such as PartitionMagic to restore the original partitions and drive letters. After you restart the computer Full System Recovery should continue from the point at which it stopped. Cannot log into temporary operating system when starting Full System Recovery There may be a problem with the temporary operating system copied to CD-ROM as part of the Full System Recovery image. A problem occurs when a Windows NT computer has non-English regional settings (stored in the system’s .NLS files). If this is the case, it is impossible to log on, because the logon prompt does not accept keyboard input. This problem can be fixed by creating new Full System Recovery disks that include, in the temporary operating system, all of the .NLS files from the SYSTEM32 subfolder of the protected computer’s Windows folder (by default, C:\WINNT\SYSTEM32). You must then restart Full System Recovery using the new disks. Error appears during Full System Recovery “Cannot load DOS. Press any key to retry.” If the computer is booting from a floppy disk, the disk might be bad. Ordinarily this would be detected at the console, but if the floppy disk drive at the console is better at handling disk errors than the floppy disk drive at the protected computer is, Recovery Solution might not be able to detect the problem when you create the Full System Recovery disk. Try creating a new Full System Recovery disk with a different floppy disk. “VDISK memory allocator already installed. XMS driver not installed.” You might have started the Full System Recovery by simply restarting the computer instead of turning it off. Be sure to turn the computer off to clear its memory, then with the first disk or CD-ROM inserted, turn the computer back on. “Partition table file is invalid” The Full System Recovery cannot continue because there is a problem with your computer’s file system. This error usually appears if you have chosen to continue a Full System Recovery that you started previously. You might need to restart the Full System Recovery from the beginning. “Hard disk [C:] is smaller than the original.” The partition table cannot be restored. The hard disks on the computer to which you are restoring data are too small to hold all of the protected data from the original hard disks. For Full System Recovery to work, the computer to restore must have at least as many hard disks as the original protected computer, and the contents of each original disk must fit entirely onto one of the restored computer’s disks. Listed below are some specific circumstances that might cause this error to occur. z A hard disk has been removed from the protected computer since the time of the Full System Snapshot. Recovery Solution Reference Guide 217 z You are trying to restore to a different computer than the one from which the Full System Snapshot was run. z The protected computer uses Windows 2000/XP disk volume sets or stripe sets. In this case, there must be physical disks on the recovered computer large enough to store the entire contents of the logical disks from the snapshot. “Cannot open partition information file.” Recovery Solution cannot access the information about the computer’s file system. This might be because the data is invalid, or it might just be a temporary access problem. You should start the Full System Recovery again. If you attempt to continue from where you left off and you still see this message, you will have to restart the Full System Recovery from the beginning. “Invalid volume information file.” The Full System Recovery cannot continue because there is a problem with the information about your hard drives. This error usually appears if you have chosen to continue a Full System Recovery that you started previously. You might need to restart the Full System Recovery from the beginning. “Cannot open volume information file.” Recovery Solution cannot access the information about your computer’s hard drives. This might be because the data is invalid, or it might just be a temporary access problem. You should start the Full System Recovery again. If you attempt to continue from where you left off and you still see this message, you will have to restart the Full System Recovery from the beginning. “Run-Time error R6003. Attempt to divide by 0” You might see this message in the following cases. z On computers with certain BIOS versions, if you attempt to recover from a bootable CD-ROM. Example: computers with American Megatrends AMIBIOS Version 1.00.04.DK0K cannot be recovered from bootable CD-ROM. One possible work around is to use the console to create a bootable floppy disk, and restart the Full System Recovery from the floppy disk. However, this might not work on all BIOS versions. “Disk Write Error. Could not write to disk %c.” It is possible that part of the disk specified is damaged. You might try using a tool such as ScanDisk to mark the bad clusters as unusable. If there is enough disk space left over to recover the system, you can try again. Otherwise, you can install the operating system manually and perform a data-only Full System Recovery. You could also replace the hard disk with another one that is at least the same size as the original one and then run the Full System Recovery again. “Original boot sector not found” You might see this message on computers with a single SCSI drive and certain BIOS versions installed, if you attempt to recover from a bootable CD-ROM. One possible work Recovery Solution Reference Guide 218 around is to use the console to create a bootable floppy disk, and restart the Full System Recovery from the floppy disk. “ntldr not found” If the protected computer has multiple SCSI hard disks, and the computer is configured in the BIOS to boot from one of these SCSI hard disks with an ID greater than 0, you cannot perform a Full System Recovery on the computer. If the computer will not boot, you must install the operating system manually. Then you can restore the data from the Full System Recovery CD-ROM. “Cannot extract files to disk” You might see this message if you are recovering from a CD-ROM set in which the temporary operating system spans more than 1 disc. To fix the problem, you must recreate the discs with a temporary operating system smaller than the capacity of a CDROM (650 MB). The same error can also appear in case of a bad CD media. “The modem has detected an internal error” You might see this message during Full System Recovery on the IBM ThinkPad 600E, along with options to restart or shut down the modem. Simply choose to shut down the modem, and the Full System Recovery should continue normally. “D:\DISK1 is not accessible. Folder was moved or removed” Some CD-ROM drives, notably certain NEC models, might not be able to read CD-ROMs that have not been finalized (or “closed”). If you encounter error messages claiming that files or folders cannot be found, you might need to finalize the CD-ROMs with your CD writing software. Some CD writing programs let you finalize discs that you have already written. If you do not have this option, you must create the discs again. In that case, the easiest way to finalize the discs is to create them using the “disc-at-once” option. System file errors If you see Windows errors relating to system files that cannot be replaced, or Windows Update errors relating to .DLLs, you might be attempting to recover the computer from a Full System Snapshot that was performed in the middle of the installation of a program. If a user installs a program that requires the computer to be restarted, but a Full System Snapshot is performed before the computer is restarted, you cannot recover the computer from this snapshot. Try creating a new Full System Recovery disk from a different snapshot. Service Control Manager and other Windows errors During the Windows part of Full System Recovery, you might see error messages relating to services not starting or files not being found. Often these messages appear because certain items specified in the Windows registry were not included in the temporary operating system being used to restore the computer’s files. The Full System Recovery should continue normally in the background, even if these messages appear. They should not appear when the Full System Recovery is complete. After the temporary operating system is installed, the protected computer cannot connect to the server to complete Full System Recovery If a network device driver was installed or updated just before the snapshot used for Full System Recovery, and the protected computer was not restarted between the driver installation and the snapshot, then it is possible that the required driver files were not included in the temporary operating system. This occurs because Recovery Solution only checks for required system files while the computer starts up. If the required files are Recovery Solution Reference Guide 219 missing, the network card might not function correctly, and a connection to the server becomes impossible. The problem can sometimes be corrected by recreating Full System Recovery disks and adding the entire Windows folder to the temporary operating system. “psAuthInfo or psAuthInfo->psAuthIdentityData is Null” You might see this error if you chose a snapshot from a version of Recovery Solution earlier than 4.0 as the source for Full System Recovery. You can use snapshots from Recovery Solution 3.2 or later, but to do so you must include all user data on the CDROMs. Full System Recovery fails when creating disk structure If the Full System Recovery fails when creating the disk structure, you can perform a Full System Recovery without formatting the hard drive. For information, see Using Full System Recovery Without Formatting Drives Option (page 145). Full System Recovery incomplete, but no error appears After partitions converted to NTFS, computer restarts, but does not boot This symptom could occur when the partition information in a disk’s Master Boot Record (MBR) does not match the information in the disk controller. To fix the problem, you need to erase the partition table from the MBR. You can use the pclean.exe program installed with the console for this purpose. Pclean.exe is located on the Recovery Solution Server at C:\Program Files\Altiris\Recovery Solution\Console. You can also access it through the Altiris Console on the Tasks tab under Tasks > Incident Resolution > Recovery Solution > Erase Partition Table. To erase the protected computer’s partition tables 1. Boot the protected computer to DOS. To do this you can boot using Full System Recovery disks and then press N to cancel. 2. From the DOS prompt, run pclean.exe. 3. You will be prompted to enter disk numbers from which you want to erase the partition tables. If you know which disk is causing the problem, you can erase only that partition table. Otherwise, you might have to erase them all. 4. After you have erased the partition tables restart Full System Recovery. I’m prompted to insert next CD-ROM, but it has already been inserted, or current CD-ROM is last of recovery set The most likely cause of this error is a bad CD. Try the following to resolve the problem. z Click Try Again in the dialog box that appears following the error message. Recovery Solution Reference Guide 220 z Recreate the CD-ROM that was being processed at the time of failure. This is not the CD-ROM that you inserted after the prompt, but the previous one. Be sure not to rerecord the data onto the faulty CD-ROM. Try to continue with the new CD-ROM. Full System Recovery stops First make sure that the Full System Recovery has really stopped. z Check the status messages on the screen to see if Recovery Solution is in the middle of a task. z Check the hard disk activity light on the computer casing to see if there data is being read from or written to the hard disk. z Even after you are convinced that the system has stopped prematurely, wait 10 minutes to be sure. If you are still convinced that the Full System Recovery has stopped before it is done, you can try the following. z Restart the computer. The Full System Recovery might continue normally once you restart. z If the recovery does not continue, you might have to start over again. If you attempted a fully automatic Full System Recovery that failed, you can try a dataonly Full System Recovery. Problems occur after server upgrade After the server has been upgraded, certain limitations of Full System Recovery may apply. If you are performing Full System Recovery over the network, you cannot use an image created with an older version of the software. In this case, the server cannot automatically upgrade the protected computer, and user’s account becomes disabled. To successfully perform Full System Recovery from an old image after a server upgrade, and ensure that the user’s account remains active, use only Full System Recovery from CD-ROM (and not over the network). A similar issue arises (the user’s account becomes disabled because the new version of Recovery Agent cannot use data restored from the older version), but the user can then reinstall Recovery Agent after Full System Recovery is completed to fix the problem. Error appears after Full System Recovery Norton AntiVirus security warning If the protected computer is running Windows Me, then after Full System Recovery is complete, Norton AntiVirus might display a warning indicating that security resources have been tampered with. You can safely close and ignore this error. Hibernation Utility: “Your computer cannot go into hibernation mode” If you are using a Toshiba notebook computer with Windows 98 SE, you may see this error message after you have run a Full System Recovery and restarted the recovered computer. This error message appears because a hibernation file was not restored during Full System Recovery. Hibernation files are not included in Full System Recovery or snapshot operations, because they can take up large amounts of memory, and contain non-essential information such as current running applications and their window positions. To work around this error, you can restore the computer’s hibernation file using a hibernation utility named “Halloc.exe”. Recovery Solution Reference Guide 221 To restore a hibernation file 1. Restart the computer in MS-DOS mode. 2. Go to the directory “C:\Windows\”. 3. Type Halloc /C. Note The file “Halloc.exe” will be in “C:\Windows” if you installed Windows on the computer from the original Toshiba CD. If you do not have this file in the Windows directory, you can obtain it from the Toshiba Web site (http://www.toshiba.com). 4. After you see a “File is created” message, restart the computer. Recovery Agent not working after Full System Recovery If Recovery Solution was uninstalled before the Full System Recovery, you might have trouble running snapshots and restoring files once the Full System Recovery is complete. That’s because the uninstall process removed some of the information about the protected computer from the server. To fix this problem, reinstall Recovery Agent using the same account as before. After the software is reinstalled, snapshots and restores should work normally. Note Full System Recovery can be performed from a Full System Snapshot that was done using previous versions of Recovery Solution. To use snapshots from earlier versions, you must add all the user data to the CD-ROM set. Files missing or outdated after Full System Recovery If you completed a Full System Recovery but some of your files are missing or outdated, the Full System Recovery disk might have been created with an older snapshot specified. Once the protected computer is up and running with Recovery Agent installed, the user can restore the missing files by using Recovery Agent options. For instructions, see the Recovery Solution User’s Guide. Full System Recovery stalls If there is a large number of files on a CD-ROM recovery set, data restore may be slow, and may even appear to be making no progress for some minutes. In this case, recovery has not failed; it is simply slow. Full System Recovery CD-ROM failure During Full System Recovery from CD-ROM, processing of a particular CD-ROM may fail. One of the following scenarios may occur: z During recovery, you are prompted to insert the next CD-ROM, but the CD-ROM being processed is the last in the recovery set. Recovery Solution Reference Guide 222 z During processing of a CD-ROM, you are prompted to insert the next CD-ROM in the recovery set. Upon insertion of the next CD-ROM, recovery fails. Try the following in order to resolve the problem: z Click the Try Again button in the Recovery Solution Full System Recovery error dialog box. z Re-record the CD that was being processed at the time of failure. This is not the CD inserted after the prompt for the next CD, but the previous one. Data from the CD being read at the time of failure must be re-recorded onto a different CD. Full System Recovery and Windows 98 with Symantec Antivirus After the Full System Recovery DOS part finishes and the computer is restarted, the following message may appear. Cannot find device that might be needed to run windows or windows application c:\progra~1\symantec\symevnt.386 Press any key Pressing any key will boot Windows without problems Cannot Cancel Restore of Folder Files from the folder for which you're trying to cancel the restore process are probably stored on multiple CD-ROMs. To cancel restore of the folder, you must insert and confirm cancellation for each CD-ROM containing data from that folder. Norton AntiVirus Security Warning If you are running Windows Me and have Norton AntiVirus installed, then after Full System Recovery is complete, Norton AntiVirus might display a warning indicating that security resources have been tampered with. You can safely close and ignore this error. Account Disabled After Full System Recovery After Full System Recovery has been performed on your computer, you might see a message saying that your account has been disabled. This can happen if your computer is recovered to a point in time from before your current account status. Example: the following situations could cause this message to appear. z You have reinstalled Recovery Agent, but your computer is recovered to a point in time before you reinstalled. z You have uninstalled Recovery Agent, and your computer is recovered using Recovery Solution Full System Recovery. To fix the problem, simply reinstall using your existing account. Full System Recovery fails on HP NetServer LC2000 Full System Recovery can fail when creating disk structure on HP NetServer LC2000 with Phoenix BIOS 4.06.23 PV. For information, see Full System Recovery fails when creating disk structure on page 220. Recovery Solution Reference Guide 223 Recovery Fails on Computers with Phoenix nForce 6A61CPAAC-00 BIOS Computers with Phoenix nForce BIOS ver. 6A61CPAAC-00 (BIOS date 10/22/04) may fail to start after RapiDeploy image creation and after RapiDeploy image restore during F11 recovery with the following error: Booting Production partition.... NTLDR is missing Press Ctrl+Alt+Del Restart the computer manually once again. The problem should be resolved. Rollback Troubleshooting Certain error conditions that cause the rollback not to succeed might not report that condition back to the console. If the rollback seems to be running for an excessively long time, you should check the protected computer itself to see if any errors have occurred. You can cancel the job from the console job queue. The following are some specific errors you could encounter while trying to perform a rollback. Choose the item that best describes the problem you are having, or scroll down to browse the information. z Unable to see Desired Snapshot During a System Rollback (page 224) z Rollback Cannot Be Started From the Console (page 225) z Job Cannot Be Submitted (page 225) z After Rollback, User Is Prompted to Uninstall (page 225) z Rollback Fails (page 225) z After Rollback, a Restored Drive Contains No Data (page 226) Unable to see Desired Snapshot During a System Rollback Problem: When the agent software is reinstalled or upgraded, the snapshots from the previous installation do not appear in the Steam Rollback wizard. Cause: This was done by design to hide old snapshots. Solution: You must add a registry value to use snapshots from previous installations for a System Rollback. 1. Open the Windows registry editor. 2. Browse to the following registry key: HKEY_LOCAL_MACHINE\Software\Altiris\eXpress\Recovery Solution Agent 3. Right-click on the details pane and select New and then DWORD value. 4. Type in the name ShowRedSnapshots. 5. Double-click ShowRedSnapshots and type in a value of 1. Recovery Solution Reference Guide 224 Rollback Cannot Be Started From the Console If the protected computer is running Windows XP or Windows Me, its connection to the server could be hampered by the Windows connection firewall, which prevents the server from reaching the computer. If the protected computer is behind a corporate firewall, or on a VPN connection to a network that has a firewall, it is probably protected by that firewall, so the user can usually turn off the personal firewall. Assuming that the server is on the same network, this should allow all features to work properly. Note Internet Connection Sharing uses the Windows firewall by default, so if the protected computer uses Internet Connection Sharing then you could run into the same problem. Job Cannot Be Submitted In Windows 2000/XP, one cause of this error is that the drive that contains the files being restored uses the NTFS file system, and the local SYSTEM account on the protected computer does not have full access to the drive. Recovery Solution uses this account to read and write data. To fix the problem, make sure that the SYSTEM account has access to the drive. After Rollback, User Is Prompted to Uninstall If rollback is performed using a snapshot from an earlier version of Recovery Solution, then after the recovery is complete, Recovery Agent must be reinstalled on the protected computer with the user’s existing account. Rollback Fails The following are potential causes of this problem. z If the server is running MSDE (the lite version of Microsoft SQL Server), then the number of SQL Server connections used by Recovery Solution should not be set to anything greater than 5. If too many simultaneous connections are allowed, certain tasks could fail. For instructions on setting the number of connections used by Recovery Solution, see Licensing Recovery Solution on page 44. z There might not be enough registry free space on the protected computer. Under Windows 2000/XP, Recovery Solution requires that a certain percentage of the space allocated for the registry be free in order for snapshots or rollback operations to work. If the registry quota is insufficient, the registry cannot be restored properly during rollback. To correct the problem, you must increase the maximum registry size so that there is enough free space for Recovery Solution to use. The change is made in the Virtual Memory dialog box along with the Windows paging file sizes. Start by following the recommendations published by Microsoft for increasing the maximum registry size. They are included in the Microsoft Knowledge Base article Q176083, which you can obtain from a number of Microsoft technical publications or from the Microsoft Web site (http://www.microsoft.com). Recovery Solution Reference Guide 225 If rollback still fails, it might be necessary to increase the maximum registry size even more. You might find you need to increase the maximum registry size to as much as 50 MB. After Rollback, a Restored Drive Contains No Data If the protected computer’s drive configuration has changed since the time of the snapshot to which you are rolling back, then the old drive configuration is restored, but it is possible that one or more drives contains no data. To restore the data, perform a second rollback to the snapshot you chose for the first rollback. Recovery Solution Reference Guide 226 Chapter 13 Recovery Agent Troubleshooting To troubleshoot the Recovery Agent, choose the troubleshooting topic that applies to your situation. z Troubleshooting: Install/Uninstall on page 227 z Troubleshooting: Snapshots on page 230 z Troubleshooting: Restoring Data on page 236 z Troubleshooting: Error Messages on page 240 z Troubleshooting: Options on page 243 z Troubleshooting: Event Logs on page 244 z Troubleshooting: Rollback on page 246 z Troubleshooting: Other Issues on page 248 Troubleshooting: Install/Uninstall What type of installation problem are you having? z When installing Local Recovery, I get an error stating that I am using non-supported devices. See Troubleshooting: Unsupported Devices on page 227. z I cannot install the Altiris Partition for Local Recovery. See Troubleshooting: Problems Installing the Local Partition (page 228). z I cannot update my Recovery Agent installation. See Troubleshooting: Cannot Update Recovery Agent on page 229. z When I update Recovery Agent, my settings are lost. See Troubleshooting: Settings Not Saved During Update on page 229. z After Uninstalling Recovery Agent, bad clusters still exist on hard drive. SeeTroubleshooting: Unusable Clusters after Uninstall on page 229 z When Installing Recovery Agent fails with error “unable to configure the settings. See Troubleshooting: Install fails with unable to configure the settings error on page 230 Troubleshooting: Unsupported Devices When installing Local Recovery, you may get an error message similar to the following: Found hardware, which is not supported by the current version of the Local Recovery. Local snapshot functionality will not work. Please review the drivers in the Hardware Device Manger and disable the unsupported hardware. Local Recovery and Local Recovery Pro cannot be installed on the following drive types: Serial ATA RAID Recovery Solution Reference Guide 227 SCSI* (*Adaptec 3800/3900 series are supported, others are not) If your computer uses these devices, you will need to remove them before installing Local Recovery. If your computer does not use these devices, you may still get this error message. Some computers may have drivers loaded for devices that are not actually used in the computer. If you get this error message, but you are not using this devices, view your Windows Device Manager. If a driver for one of these devices is loaded, uninstall it, restart your computer, and try the installation again. Troubleshooting: Problems Installing the Local Partition Problems Launching the Recovery Agent Partition Wizard If you have compression turned on for the drive that you are trying to install Local Recovery on, you will get the following error: “Recovery Agent failed to launch Partition Wizard. Procedure failed with error 0x1F. If problem persists, please contact support for Altiris Recovery Solution.” Local Recovery cannot create the Altiris Partition on a compressed drive. To solve this problem, disable compression for the drive, and reinstall Local Recovery. For more information on using compression with Local Recovery, see the notes under Installing the Recovery Agent in Local Mode on page 60. Problems Creating the Altiris Partition When trying to create the Altiris partition for local recovery, the user may get the following message: “Altiris Recovery Agent failed to create initial image of the system.” This message usually indicates that it was not possible to find enough contiguous free space on the drive to create the partition of the size specified. To correct this situation the user can do one of two things; first, they can try and create a partition smaller than the suggested size or second, they can exit the install and run a defragmentation utility to attempt to create enough contiguous space for the partition creation. Problems Creating the Initial Snapshot After the creation of the Altiris partition, the user may get the following error: “Altiris Recovery Agent failed to create the initial image of the system.” On computers where 50% or more of the hard drive is used prior to the creation of the Altiris Partition, users may encounter problems taking the initial snapshot. If this message is encountered and the drive is more than 50% full, the user can try the following steps to correct the issue: 1. Cancel the snapshot. 2. Reboot to Windows. 3. Run Windows Disk Cleanup. 4. Delete any unnecessary files. 5. Run Windows Disk Defragmenter. 6. Restart the installation. Recovery Solution Reference Guide 228 Troubleshooting: Cannot Update Recovery Agent The following are some potential causes of update problems. z If the automatic update doesn't seem to work, make sure that you are logged on as an authorized user of Recovery Solution, then let the upgrade run again. You can cause the upgrade to start by simply browsing your protected files. z To install the Recovery Agent on a Windows 2000/XP computer, you must be a member of the Administrators user group or have administrative rights on your computer. If you don't have administrative rights, ask the Recovery Solution administrator to install the software for you. z If you get errors trying to install the Recovery Agent over an older version, try uninstalling the Recovery Agent first, then install the new version. In some cases Setup might prompt for a user name and password, but not accept them even if they are valid. This could occur if you are trying to reinstall from a command-line Setup package provided by your administrator, and you are not the original user who installed Recovery Agent on your computer. In this case, you need to specify user credentials on the command line as follows: AgentSetup.exe /Reinstall /Comp:computer /User:primary_username / GUser:your_username /Pass:your_password If your administrator provided other command-line switches to use, be sure to include them as well. The order that switches appear on the command line is not important. Troubleshooting: Settings Not Saved During Update During a regular software update or reinstallion using the same account, all your settings should be saved. However, some settings might revert back to the default state under any of the following circumstances. z You completely uninstall the software first, then reinstall it. Uninstalling the software removes all settings. If you want to update the software and keep your old settings, simply install it over the existing copy. z You install the software on a different computer from the one you originally installed it on. Some settings are stored on your computer rather than on the server, so even if you use the same account, those settings are not kept when you install the software on a different computer. Troubleshooting: Unusable Clusters after Uninstall After uninstalling the Recovery Agent, there still may be clusters on the computer’s hard drive that are not made available. To repair the clusters, you can download a BWINST utility from Altiris Technical Support. Then from a command prompt, run it with the following parameters: BWINST -rs -u -d:<disk number> Recovery Solution Reference Guide 229 Troubleshooting: Install fails with unable to configure the settings error During install you get the following error: Error 25015. The setup has detected that Recovery Agent is unable to configure the settings for this computer. See more details in to the AexCRAS.log file which is available in your Windows temporary folder. The reason for this error is that the current logged in user on the computer can not access of modify settings in the registry, the user can try the following steps to correct the issue: 1. Run Regedit 2. go to the following entry HKEY_LOCAL_MACHINE\SOFTWARE\Altiris\eXpress 3. right click on eXpress folder and select Permissions.... 4. Reset Permissions for all users to Full Control and Read 5. Rerun the Recovery Solution agent install Troubleshooting: Snapshots What happens when you try to take a snapshot? z The snapshot options are disabled or otherwise not available. See Troubleshooting: Snapshot Options Unavailable on page 231. z I start a manual snapshot, but nothing happens. See Troubleshooting: Nothing Happens on page 231. z I start a manual snapshot, but my computer locks up or otherwise fails to respond as expected. Troubleshooting: Erratic Behavior on page 231. z I scheduled a timed or automated snapshot that does not appear to have been performed. See Troubleshooting: Snapshots Don't Run on page 232. z The snapshot starts correctly, but stops before it is completed. See Troubleshooting: Snapshot Stops Prematurely on page 234. z During the snapshot, the Windows Installer screen appears. See Troubleshooting: Windows Installer Appears During Snapshots on page 235. z The snapshot does not contain all my files. See Troubleshooting: Snapshot Is Missing Files on page 235. z I receive an error message while the snapshot is being taken. See Troubleshooting: Error Messages on page 240. z I am prompted to log on, but then nothing happens. See Troubleshooting: Logon Problems on page 250 z I am prompted to log on, but my user name and password are not accepted. See Troubleshooting: Logon Problems on page 250. Recovery Solution Reference Guide 230 Troubleshooting: Snapshot Options Unavailable z An administrator can disable snapshot and recovery activity on your computer. This might be done temporarily for maintenance purposes. z If you want to take a snapshot of a specific file or folder, and you browse to the folder using Windows Explorer, you can start a snapshot by right-clicking the file or folder and clicking Snapshot from the menu. You can also select the file or folder and click File > Snapshot. In some cases, the Snapshot option is not available. This problem can occur if using a version of Windows Internet Explorer earlier than 6.0. To solve this problem, upgrade Internet Explorer to 6.0 or newer. Troubleshooting: Nothing Happens If you choose an Recovery Solution option but nothing happens, it could be for the following reasons. z Under some circumstances, if you are starting a snapshot or restore, it might take up to several minutes for the progress window to appear, so it seems as if nothing is happening. z If for some reason the server is not working properly, it might also be several minutes before an error message appears. You can check the availability of the server by looking at the Windows taskbar. The Recovery Agent system tray icon, usually located at the bottom right of your screen, displays a red mark if there is a problem contacting the server. If the server is unavailable, contact your Recovery Solution administrator for further assistance. If the server is available, there might be a configuration problem. See Troubleshooting: Options on page 243. If the progress window opens but does not continue, see Troubleshooting: Recovery Solution Stops During a Snapshot or Restore on page 234. z If you are using Windows XP and your computer is not part of a Windows domain, you might be running into problems with Fast User Switching. For more information, see Troubleshooting: Fast User Switching on page 252. Troubleshooting: Erratic Behavior There appear to be some incompatibilities between Recovery Agent and other products that could cause some Recovery Solution functions to fail. Check to see if you have the programs below installed. If you do, you might need to uninstall the other product before you can continue. z Legato Replica z Replica for HP SureStore Tape z Stac Replica Tape z Timbuktu Enterprise 2.0 Build 635 z Tivoli Data Protection for Workgroups Recovery Solution Reference Guide 231 Troubleshooting: Snapshots Don't Run Snapshots can be performed at specific times (scheduled), or they can be associated with specific events (Example: snapshots that start when you log off). What type of snapshot are you having trouble with? z Scheduled snapshots. See Troubleshooting: Scheduled or Automated Snapshot Doesn't Run on page 232. z Snapshot on logoff. See Troubleshooting: Snapshot on Logoff Doesn't Run on page 233. Troubleshooting: Scheduled or Automated Snapshot Doesn't Run Automated snapshots can be performed at specific times (scheduled), or they can be associated with specific events (Example: snapshots that start when you log off). There are a number of reasons that a scheduled or automated snapshot might not start when you expect it to. If a scheduled or automated snapshot does not run, check the following. z Scheduled snapshots that are based on a time of day take place according to the internal clock of the server, not your computer. When scheduling your snapshots, you should allow for typical deviations in clock settings. Example: suppose your computer's clock reads 1:00 P.M., while the server's clock reads 1:10 P.M. If you schedule a snapshot to start at 1:05 P.M., you might expect it to run in 5 minutes, but it won't because according to the server 1:05 P.M. is already past. The snapshot won't run until the next scheduled day. For proper operation, the clocks on the Recovery Solution Servers and clients must be synchronized. z If you are running Windows XP or Windows Me, a connection firewall might be preventing the server from reaching your computer. For more information, see Troubleshooting: Connection Firewall on page 251. z Your computer might have been off. You do not have to be logged on with a user name and password, but your computer must be on for a snapshot to be run. If you're running Windows 9x/Me, your computer must be started in Windows mode (not MS-DOS mode). z To ensure that all your files are protected, you should reinstall the software as soon as possible after an upgrade to Windows. If you don't reinstall, then your scheduled or automated snapshots might not occur. z The Recovery Solution administrator can limit the number of simultaneous connections to the server. If many scheduled snapshots are running at the same time, then some snapshots might get delayed because they are not all allowed to run at the same time. As long as the server is not constantly using the maximum number of connections throughout the entire scheduled time range for your snapshot, the snapshot should start (though probably not at the beginning of the time range). On the other hand, if many other protected computers are accessing the server constantly during the entire time range scheduled for your snapshot, the scheduled snapshot might not run on that day, and your computer won't take an automatic snapshot again until the next scheduled snapshot time. If you are allowed to change Recovery Solution Reference Guide 232 your own snapshot schedule, you can increase the time range to give your snapshot a greater chance of being taken. If your snapshots are frequently skipped because of limited access to the server, you should notify the Recovery Solution administrator. z If there's a problem on the server or if the server is simply not running during your scheduled snapshot time, the snapshot won't start. z A local-mode snapshot on event (such as log on, idle, resume, or dock) may fail to start in case HP Wireless Assistant 1.01 is installed on the computer. The workaround is to uninstall the HP Wireless Assistant software or to rely on automatic scheduled snapshots. You can still use the Snapshot on Logoff feature, as it is not affected by this issue. Troubleshooting: Snapshot on Logoff Doesn't Run Snapshot on logoff might not run for the following reason. z Windows might be logging you off before the snapshot has a chance to run. This behavior is controlled with an application timeout registry setting that is different for each user on the computer. In most versions of Windows, the default for this timeout is long enough that it does not interfere with the snapshot on logoff timeout. However, in Windows XP and Windows 2000, the default timeout is too short. Recovery Solution automatically increases this timeout when Setup is run, but if the setting was subsequently changed, or if you are not the user who installed the software, then you might have to change the setting manually. To increase the Windows application timeout 1. From the Windows Start menu, click Run. 2. Type regedit.exe, and click OK. Caution Be extremely careful when editing the Windows registry. If you accidentally change or delete the wrong values, your computer could stop working properly. You might want to print the Registry Editor Help topic “To restore the registry” before making any changes. This topic describes how to revert to an old version of the registry if your computer won't start. 3. Browse to the following Registry location. HKEY_CURRENT_USER\Control Panel\Desktop 4. In the list of values (usually on the right), select HungAppTimeout. 5. From the Edit menu, click Modify. 6. Under Base, click Decimal so you can enter the number you want in regular decimal format. 7. Under Value data, specify the number of milliseconds you want Windows to wait before automatically trying to close an application. Be sure this value is at least 20000. 8. Click OK. Recovery Solution Reference Guide 233 For additional troubleshooting information, see Troubleshooting: Snapshots Don't Run on page 232. Troubleshooting: Snapshot Stops Prematurely What happens when the snapshot stops? z The Progress window stays on the screen for a long time without continuing. See Troubleshooting: Recovery Solution Stops During a Snapshot or Restore on page 234. z Recovery Solution completes the snapshot, but the snapshot does not contain all of my files. See Troubleshooting: Snapshot Is Missing Files on page 235. z Recovery Solution stops the snapshot and displays an error message. See Troubleshooting: Error Messages on page 240. z The Progress window closes. See Troubleshooting: Unknown Solution on page 252. z Something else happens. See Troubleshooting: Unknown Solution on page 252. Troubleshooting: Recovery Solution Stops During a Snapshot or Restore z If you're running a snapshot, check to see if the Close button is available. When a snapshot is complete, the Close button replaces the Stop button, and a Snapshot complete message appears. Sometimes the statistics mistakenly indicate that there is still more information to be copied, but this is not the case. Once the Close button becomes available, all files have been successfully included in the snapshot. Note Be careful not to close the window too soon. If you are running a snapshot on multiple drives, the progress is displayed separately for each drive and reaches 100% after each drive is finished. If more data still needs to be included, the button reads Stop, not Close, and if you choose it, the rest of the files will not included. z If you start a snapshot and the Close button becomes available but no files appear to have been protected (the percentage complete stays at 0%), you might be using the McAfee VirusScan Safe & Sound feature. If you use this feature to store backup files as “protected volume files,” your snapshots might not run successfully. The problem can be fixed by either turning off Safe & Sound, or by reconfiguring it to store backups as folders instead. z If you are restoring many files, the message “Initializing the list of items to restore. Please wait...” might stay on the screen for a very long time. This is normal behavior. You can continue working in other programs while the restore process initializes. z If you think your snapshot or restore is really stalled, try clicking the Stop button in the Progress window. (If you don't see a Stop button but you see a Close button, then the snapshot or restore is finished, and you can close the window.) If you cannot close the Progress window, close your other programs and restart your computer, then try the snapshot or restore again. If it still fails, contact the Recovery Solution administrator. There might be a problem with the server. Recovery Solution Reference Guide 234 Troubleshooting: Windows Installer Appears During Snapshots You might see the Windows Installer screen appear during your snapshots if you have Microsoft Office 2000 installed on your computer, and any of its components are configured with the option to Install on first use (which is the default for many components). If you cancel the installer, the snapshot should continue normally. Troubleshooting: Snapshot Is Missing Files Listed below are some reasons that your snapshots might be missing files. z The files are excluded from the snapshot. A file might be excluded from a snapshot in any of the following ways. By not including the drive in the snapshot. If performing a manual snapshot, make sure you select the drive on which you want to run a snapshot. For scheduled snapshot, make sure the drive is checked in the snapshot schedule options. By excluding the file automatically from all snapshots (manual or scheduled). This is configured in the snapshot exclude options. There are a number of ways you that the exclude options might be configured to make Recovery Solution ignore a file during a snapshot. For more information, see the “Snapshot Exclusion Notes” in the Recovery Solution User’s Guide. z The files are open or locked during snapshot. Under certain conditions, Recovery Agent fails to backup files, which are locked or open. These conditions include the following: · Recovery Agent is running Windows 9x/Me. Recovery Agent for Windows 9x/Me does not include the OFM driver, hence, it does not provide open and locked file support. · Protected computer is running Local Recovery Agent. Local Recovery Agent does not provide support for open and locked files. Note Local Recovery Pro provides open and locked file support. For more information on the additional benefits of Local Recovery Pro, see Local Recovery Pro on page 15· OFM synchronization fails during snapshot. Sometimes, when the write activity rate spread is uneven among the protected computer multiple hard drives, the most active drive’s write operations may cause OFM synchronization to fail even though this particular drive was excluded from the snapshot. In this case, you need to change the OFMState value to enable OFM synchronization by volume (as opposed to the default “synchronize the whole system” setting). Recovery Solution Reference Guide 235 Warning Before using “Sync by volume” option, make sure there are no databases or applications that span across multiple volumes in your environment. z If you start a snapshot and the Close button becomes available but no files appear to have been protected (the percentage complete stays at 0%), you might be using the McAfee VirusScan Safe & Sound feature. If you use this feature to store backup files as “protected volume files,” your snapshots might not run successfully. The problem can be fixed by either turning off Safe & Sound, or by reconfiguring it to store backups as folders instead. Troubleshooting: Restoring Data Which type of data restore are you trying to perform? z I am trying to restore files by browsing my snapshot data. See Troubleshooting: File Restores on page 236. z I am trying to perform a rollback. See Rollback Troubleshooting (page 224). z I am trying to perform a Full System Recovery. See Full System Recovery Troubleshooting (page 216). z I am trying to restore files with a Web browser. See Troubleshooting: Web-Based File Recovery Logon Doesn't Appear on page 238. z I don't know the difference between the restore types. See Troubleshooting: Unknown Restore Type on page 240. z Other Issues Relating to Restoring Data on page 240 Troubleshooting: File Restores What happens when you try to restore data? z I cannot view my protected files. See Troubleshooting: Cannot View Protected Files on page 237. z I'm having trouble understanding file versions or getting a particular file version. See Troubleshooting: Protected File Versions on page 237. z I choose Restore or drag file snapshots to my computer, but nothing happens. See Troubleshooting: Nothing Happens on page 231. z I am prompted to log on, but then nothing happens. See Troubleshooting: Logon Problems on page 250. z I am prompted to log on, but my user name and password are not accepted. See Troubleshooting: Logon Problems on page 250. z I cannot log on with a different account when using Web-based file recovery. See Troubleshooting: Web-Based File Recovery Logon Doesn't Appear on page 238. z Windows Explorer crashes. See Troubleshooting: Restore Crashes Windows Explorer on page 239. z Recovery Agent freezes during a search for files to restore. See Troubleshooting: Recovery Solution Freezes During File Search on page 239. Recovery Solution Reference Guide 236 z I choose Restore, but my computer locks up or otherwise fails to respond as expected. See Troubleshooting: Erratic Behavior. z The restore process starts correctly, but stops before it is completed. See Troubleshooting: Restore Stops Prematurely on page 239. z I receive an error message during the restore process. See Troubleshooting: Error Messages on page 240. z I cannot restore a file larger than 4GB on a FAT32 disk. See Troubleshooting: Not Enough Space Available to Restore (FAT32) on page 238. z I completed a manual restore, but some of the files I tried to restore are missing or damaged. Troubleshooting: Unknown Solution on page 252. Troubleshooting: Cannot View Protected Files The following are potential causes of this problem. z If a particular file or folder originated on an NTFS drive, and you do not have at least read access to the file or folder, then you cannot see it in the list of protected files. However, if you restore a folder containing the secure item, the item will also be restored (but you still won't have access to open it). z It's possible that your account has been locked out from the server. Possible symptoms of this problem include the following. You cannot expand the Client Recovery Agent folder in Windows Explorer. Trying to open the Client Recovery Agent folder in its own window causes Windows to display an Action canceled Internet Explorer page. An account lockout is most likely to occur if you are running Windows 9x/Me, and the server is authenticating users locally (not via a domain). In this case, the operating system on the server counts all Recovery Solution connections as invalid logon attempts. If you've restarted your computer several times in a row, you might have to wait until the account lockout expires, then restart your computer again in order to access Recovery Solution. Your administrator should be able to determine what the account lockout policy on the server is. z If you are using Windows XP and your computer is not part of a Windows domain, you might be running into problems with Fast User Switching. For more information, see Troubleshooting: Fast User Switching on page 252. Troubleshooting: Protected File Versions What type of file version problem are you having? z I don't know how to find the version I need. See Troubleshooting: Cannot Find File Versions on page 238. z I cannot tell the difference between file versions. See Troubleshooting: Protected File Versions Are the Same on page 238. z When I restore a folder, I get the wrong version of one or more files. See Troubleshooting: Restored Files Are Incorrect Versions on page 238. z I have a different problem. See Troubleshooting: Miscellaneous File Version Problems on page 238. Recovery Solution Reference Guide 237 Troubleshooting: Cannot Find File Versions While browsing protected files, you can change which file versions are displayed by clicking the View menu, then Recovery Solution Versions. For details about the view options, see “Viewing and Restoring Protected Files” in the Recovery Solution User’s Guide. Troubleshooting: Protected File Versions Are the Same If you are viewing multiple versions of your protected files and you encounter two or more files that appear to be identical, look at the Snapshot Taken column. The date and time shown here might be the only distinguishable difference between versions of a file. This could happen if the file itself did not change between snapshots, but the properties of the file did. Example: Recovery Solution creates a new version of the file if the only change is in its NTFS security attributes. In most cases, you'll probably want to restore the file that has the latest snapshot date. Troubleshooting: Restored Files Are Incorrect Versions If you are running Windows 9x/Me, there is a small chance that when you manually restore a folder, you will not get the latest protected version of every file. This can happen if the letters in a filename on your computer have changed from uppercase to lowercase or vice versa (Example: renaming “testfile.txt” to “Testfile.txt”), because protected files stored on the server are case-sensitive. This is unlikely to happen to data files unless the cases of the file names are intentionally changed. However, it is possible this could happen to program files during software upgrades. You can still view all versions of your files and manually recover the specific file you need. Troubleshooting: Not Enough Space Available to Restore (FAT32) If you try to restore a file larger than 4 GB on a disk formatted with FAT32 file system, you will receive the error “Not enough space available to restore file” even though there may be enough free space available on the disk. This is a limitation of the FAT32 file system. The largest possible file for a FAT32 volume is 4 GB minus 2 bytes. Troubleshooting: Miscellaneous File Version Problems For details about the view options, see “Viewing and Restoring Protected Files” in the Recovery Solution User’s Guide. Troubleshooting: Web-Based File Recovery Logon Doesn't Appear Under some circumstances, Web browsers can obtain valid logon credentials without prompting you. This could make it difficult for you to access protected files that are stored under an account name that is different from the one the browser automatically obtains. Recovery Solution Reference Guide 238 The Web-based file recovery logon prompt might not appear if any of the following conditions are true. z You have already accessed Web-based file recovery during the same Web browser session. Even if you choose the Log Off button, your logon credentials are not necessarily cleared from the browser's cache, so returning to the page might not require another logon. z You are running Internet Explorer, and your logon credentials for Windows are the same as those for Recovery Solution. In this case, Internet Explorer just uses your Windows user name and password without prompting for a logon. If a logon prompt is required (Example: if you want to access protected files that are stored under a different account name), then you can do one of the following. Log onto Windows with a different user account. Access Web-based file recovery using Netscape, which is available for free from the Netscape Web site. Troubleshooting: Restore Crashes Windows Explorer There appears to a compatibility problem between Recovery Solution and a program called PowerArchiver. If PowerArchiver is installed, you might need to disable its Explorer shell extension feature before you can restore files. To disable the PowerArchiver shell extension, do the following. 1. Open PowerArchiver. 2. Click Options. 3. Click Configuration. 4. Click the Explorer Shell Extensions tab. 5. Clear the Use Explorer Shell Extensions checkbox. 6. Click OK. Troubleshooting: Recovery Solution Freezes During File Search If you are searching for files to restore and the Recovery Agent freezes, it may be because the search operation was interrupted and then restarted. If your computer is running Windows Me, the Restore Selection Wizard is likely to freeze after a search is canceled. In this case, you may need to restart your computer in order to continue using Recovery Solution. Troubleshooting: Restore Stops Prematurely What happens when the restore stops? z Recovery Solution stops the restore and displays an error message. See Troubleshooting: Error Messages (page 240). Recovery Solution Reference Guide 239 Troubleshooting: Unknown Restore Type You can restore data in the following ways. z Regular Restore You are performing a regular restore if your computer works, but you have lost some identifiable data that you need to retrieve from a snapshot. You are browsing your snapshot and restoring the files you need. z Rollback You are performing a rollback if you can start your computer, but it is not working properly and you want to return it to a previous state. z Full System Recovery You are performing a Full System Recovery if your files have become so damaged that your computer no longer works properly, and you have lost most or all of your data. You are restoring files by using a Full System Recovery disk created for you by the Recovery Solution administrator. Which type of data restore are you trying to perform? z I am trying to restore files by browsing my snapshot data. See Troubleshooting: File Restores on page 236. z I am trying to perform a rollback. See “Performing Rollbacks” in the Recovery Solution User’s Guide. z I am trying to perform a Full System Recovery. See “Recovery Solution Full System Recovery” in the Recovery Solution User’s Guide. Other Issues Relating to Restoring Data Custom user names for message queues gets renamed into the GUID-like names Sometimes after a rollback or full system recovery, the custom user names for the message queues get renamed into GUID-like names. Such names will be returned back to the normal view after the user sends a new message into the queue or after restarting the Message Queueing service. Troubleshooting: Error Messages Where do you see this error message appear? z The message appears in the Progress dialog box. See Troubleshooting: Error Messages in the Progress Dialog Box on page 241. z The message pops up in its own window. See Troubleshooting: Error Message Boxes on page 242. z I found the message in the event logs. See Troubleshooting: Error Messages in the Event Logs on page 246. Recovery Solution Reference Guide 240 Troubleshooting: Error Messages in the Progress Dialog Box If the message says that there was an error restoring the registry, see Troubleshooting: System Low on Registry Quota. Otherwise, have you previously performed the same task without seeing this error? z Yes, I was once able to perform this task successfully. See Troubleshooting: New Error. z No, this error often appears when I perform this task. See Troubleshooting: Repeated Error. Troubleshooting: New Error A new error indicates that something on your computer, on the server, or on the network has changed recently. z First, try again. Sometimes temporary conditions on the network prevent normal communications from occurring, and a retry is all that's required. You might also find that restarting your computer makes the problem disappear. z If you recently changed any settings (particularly network settings) or installed any new software on your computer, it's possible that Windows replaced some of the shared files required by Recovery Agent. If the files were replaced with older versions, then Recovery Agent might no longer work properly. Specifically, some programs replace the DCOM system files that Recovery Solution uses to communicate between your computer and the server, which could prevent you from running snapshots and restoring data. Ask your Recovery Solution administrator to help you get the correct files back on your computer. Note To minimize this problem, always keep the newer versions of files when given the choice. Windows usually asks whether or not you want to keep your existing version of a file when it is newer than the one being installed, and you should always choose Yes. Some programs (such as Internet Explorer 4.0 and the Windows 98 Upgrade) replace files without asking, so you might still see this problem occasionally. Windows 98 includes a Version Conflict Manager that you can use to restore files that were on your computer before you installed Windows 98. z If you recently installed FrontPage 98 Personal Web Server, you might need to change one of the default Personal Web Server settings to allow you to continue taking snapshots manually. For instructions, see Troubleshooting: FrontPage 98 Personal Web Server Conflict on page 250. z If any network settings changed recently, Recovery Solution might not have the information it needs to communicate properly across the network. If you changed the network configuration of your own computer, you might try putting your settings back the way they were to see if it fixes the problem. If you're running certain versions of Windows, you can use Recovery Solution to do this. For details, see “Saving and Restoring Network Settings” in the Recovery Solution User’s Guide. If your network administrator changed settings somewhere else on the network, or if anything on the Recovery Solution server was changed, you might ask if other Recovery Solution users are encountering problems as well. If they are, there's a good chance that the network change has something to do with the problem. You'll have to work with the network administrator or the Recovery Solution administrator to correct the problem. Recovery Solution Reference Guide 241 For more recommendations, see Troubleshooting: Error Checklist on page 246. Troubleshooting: Repeated Error z If you haven't restarted your computer in a long time, restart it and try again. Sometimes restarting the computer clears temporary problems from memory. z If you haven't successfully run a snapshot yet, try reinstalling Recovery Agent using your existing account. z If you have FrontPage 98 Personal Web Server installed, you might need to change one of the default Personal Web Server settings to allow you to take snapshots manually. For instructions, see Troubleshooting: FrontPage 98 Personal Web Server Conflict on page 250. For more recommendations, see Troubleshooting: Error Checklist on page 246. Troubleshooting: Error Message Boxes Here are some specific types of error messages that you might see. For information about solving each problem, follow the appropriate link. z The message says that the job could not be submitted. See Troubleshooting: Job Could Not Be Submitted on page 242. z The message says that my computer's drive configuration has changed, but it hasn't. See Troubleshooting: Drive Configuration Message on page 243. z The message says that the system is running low on registry quota. See Troubleshooting: System Low on Registry Quota on page 243. z My virus protection program warns me about changes to my computer. See Troubleshooting: Virus Warning During Rollback on page 247. z The message indicates a problem with an “authentication service.” See Troubleshooting: Options on page 243. z The message indicates an error in the module tapeng.exe. If your error message does not appear above, have you previously performed the same task without seeing this error? z Yes, I was once able to perform this task successfully. See Troubleshooting: New Error on page 241. z No, this error often appears when I perform this task. See Troubleshooting: Repeated Error on page 242. Troubleshooting: Job Could Not Be Submitted In Windows 2000/XP, one cause of this error is that the drive that contains the files you are protecting or restoring uses the NTFS file system, and the local SYSTEM account on your computer does not have full access to the drive. Recovery Solution uses this account to read and write data. To fix the problem, you need to give the SYSTEM account access to the drive. For information on modifying security settings to a drive, see Windows Help. Recovery Solution Reference Guide 242 Troubleshooting: Drive Configuration Message Recovery Solution detects when your computer's drive configuration has changed and informs you of this because you might need to check your settings in order to ensure that all your files are protected under the new configuration. It is possible that configuration changes could occur that cause Recovery Solution to display this message even though no real changes to your drive configuration have been made. One circumstance under which this could occur is if you are using the McAfee VirusScan Safe & Sound feature to store backup files as “protected volume files.” In this configuration, McAfee creates a virtual drive on your computer. Although this “drive” does not contain any data that needs to be protected (since it's all stored in McAfee's backup file), it causes Recovery Solution to display the drive configuration message. The problem can be fixed by either turning off Safe & Sound, or by reconfiguring it to store backups as folders instead. Troubleshooting: System Low on Registry Quota Under Windows 2000/XP, Recovery Solution requires that a certain percentage of the space allocated for the registry be free in order for snapshots to work. If the registry is already using most of the space available for it, then you might see this message when you perform a Full System Snapshot. An insufficient registry quota can also prevent the registry from being restored properly. To correct the problem, you must increase the maximum registry size so that there's enough free space for Recovery Solution to use. The change is made in the Virtual Memory dialog box along with the Windows paging file sizes. Start by following the recommendations published by Microsoft for increasing the maximum registry size. They are included in the Microsoft Knowledge Base article Q176083, which you can obtain from a number of Microsoft technical publications or from the Microsoft Web site. If you still encounter the error, it might be necessary to increase the maximum registry size even more. When performing a rollback, you might find you need to increase the maximum registry size to as much as 50 MB. Troubleshooting: Options What type of problem are you having with the options? z I can't open the Recovery Agent Options dialog box. See Troubleshooting: Can't Open Options. z A message appears saying that my computer's drive configuration has changed, but it hasn't. See Troubleshooting: Drive Configuration Message on page 243. z Some options don't appear and/or are disabled. See Troubleshooting: Options Are Unavailable. z A message appears saying that the schedule settings cannot be displayed. See Troubleshooting: Schedule Settings Cannot Be Displayed. z When I click the button to change my credentials, nothing happens. See Troubleshooting: Fast User Switching on page 252. z I can't close the Recovery Agent Options dialog box. See Troubleshooting: Cannot Access Dialog Box Buttons on page 251. Recovery Solution Reference Guide 243 Troubleshooting: Can't Open Options What happens when you try to view the options? z I can't find the Recovery Agent icon. See Troubleshooting: Fast User Switching. z Nothing happens. See Troubleshooting: Nothing Happens on page 231. z I am prompted to log on, but then nothing happens. See Troubleshooting: Logon Problems. z I am prompted to log on, but my user name and password are not accepted. See Troubleshooting: Logon Problems. z I get a different error message. See Troubleshooting: Error Message Boxes on page 242. Troubleshooting: Options Are Unavailable Options might be unavailable for any of the following reasons. z Your version of Recovery Agent does not include the option you are looking for. z Your computer might not have the required support installed for an option. Example: if you do not have Dial-Up Networking installed on your computer, the options for protecting your computer remotely do not appear. z You might not have the rights to view or change some options. By default, some options are not available to you. Also, your Recovery Solution administrator can enable or disable certain options for you. z If you see a message saying that your schedule settings cannot be displayed. See Troubleshooting: Schedule Settings Cannot Be Displayed on page 244. z If you are using Windows XP and your computer is not part of a Windows domain, you might be running into problems with Fast User Switching. For more information, see Troubleshooting: Fast User Switching on page 252. Troubleshooting: Schedule Settings Cannot Be Displayed If you see a message saying that your schedule settings cannot be displayed, it's possible that your account has been locked out from the server. An account lockout is most likely to occur if you are running Windows 9x/Me, and the server is authenticating users locally (not via a domain). In this case, the operating system on the server counts all Recovery Solution connections as invalid logon attempts. If you've restarted your computer several times in a row, you might have to wait until the account lockout expires, then restart your computer again in order to access Recovery Solution. Your administrator should be able to determine what the account lockout policy on the server is. Troubleshooting: Event Logs What type of problem are you having with the event log? z When I open the Event Viewer, I see an error regarding the file messages.dll. See Troubleshooting: Messages.dll Is Missing on page 245. Recovery Solution Reference Guide 244 z After installing Recovery Agent under Windows NT, I get frequent messages informing me that the event log is full. See Troubleshooting: Event Log Full on page 245. z I don't understand the event messages. See Troubleshooting: Error Messages in the Event Logs on page 246. z More information: Troubleshooting: Error Checklist on page 246. Troubleshooting: Messages.dll Is Missing You might see this message if you're running the Recovery Agent under Windows 9x/Me, and your software was automatically upgraded from an earlier version. To fix the problem, do one of the following. z Reinstall Recovery Agent using your existing account. z Edit the Windows registry as follows. 1. From the Windows Start menu, click Run. 2. Type regedit.exe, then click OK. Caution Be extremely careful when editing the Windows registry. If you accidentally change or delete the wrong values, your computer could stop working properly. You might want to print the Registry Editor Help topic To restore the registry before making any changes. This topic describes how to revert to an old version of the registry if your computer won't start. 3. Browse to the following registry location. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Applicat ion\Altiris CR Solution 4. In the list of values (usually on the right), select EventMessageFile. 5. From the Edit menu, click Modify. 6. Under Value data, enter the following. C:\Program Files\Altiris\Recovery Solution Agent\messages.dll 7. Click OK. Troubleshooting: Event Log Full Recovery Solution stores errors and other messages in the event log. Depending on how frequently you use Recovery Solution, the event log could fill up very quickly—especially if other installed programs are also writing to the same log. You have two options for dealing with this problem. z Clear the log each time you receive the message. You'll have the option of saving the log before you delete it. z Change the Event Viewer settings to automatically overwrite events. If you do this, you won't have a chance to save old log information, but in most cases it is only the recent log information that is valuable. Recovery Solution Reference Guide 245 Troubleshooting: Error Messages in the Event Logs See your Recovery Solution administrator for information about all Recovery Solution event messages, including errors. Troubleshooting: Error Checklist Here are some additional things to try if you're still receiving errors. z Make sure the version of Recovery Agent you're running is the same as the version that's on the server. Your Recovery Solution administrator should have installation software for the correct version of Recovery Agent. z If you're running Windows 9x/Me, your computer's network access control settings must be configured in one of the following ways. Choose any item for information about where these settings are located. For User-level access control. See the Windows Help topic To control access by using a list of names for instructions. For the Windows NT domain name, be sure to specify the name of the domain that your computer logs onto. For Share-level access control, with your network adapter bound to the TCP/IP protocol. See the Windows Help topic To control access by using passwords for instructions on setting up share-level access control. Windows Help also has information on binding an adapter to a protocol. For Share-level access control, with NetBIOS over TCP/IP enabled. To enable NetBIOS over TCP/IP, do the following. 1. From the Windows Start menu, click Settings. 2. Click Control Panel. 3. Click the Network icon. 4. On the Configuration tab, scroll down until you find the TCP/IP protocol, and select it. If you see more than one TCP/IP protocol, select the one that you use when running snapshots or restoring files with Recovery Solution. 5. Click Properties. 6. Click the NetBIOS tab. 7. Check the box labeled I want to enable NetBIOS over TCP/IP. 8. Click OK. Troubleshooting: Rollback What happens when you try to perform the rollback? z I don't know how to perform a rollback. See “Performing Rollbacks” in the Recovery Solution User’s Guide. z I choose a snapshot to restore from, but nothing happens. See Troubleshooting: Nothing Happens on page 231. Recovery Solution Reference Guide 246 z The restore process starts correctly, but stops before it is completed. See Troubleshooting: Restore Stops Prematurely on page 239. z My virus protection program warns me about changes to my computer. See Troubleshooting: Virus Warning During Rollback on page 247. z I receive an error message during the restore process. See Troubleshooting: Error Messages on page 240. z I completed a rollback, but some of the files I tried to restore are missing or damaged. See Troubleshooting: Rollback Has Missing or Damaged Files on page 247. z I completed a rollback, then I received a message saying that my computer has been disabled. See Troubleshooting: Rollback Disables Computer on page 248. z After rolling back my system, I see an error in the module tapeng.exe. See Troubleshooting: Rollback General Protection Fault Error Message on page 248. z After Rollback, the DHCP server was not started and error 1811 is recorded in the event log. See Troubleshooting: DHCP Problems After Rollback on page 248. z I need to restore data, but I can't start the computer. See “Recovery Solution Full System Recovery Dialog Box” in the Recovery Solution User’s Guide. Troubleshooting: Virus Warning During Rollback Some virus protection programs, such as Norton Antivirus 5.0, have an option to protect the computer's boot code. If you are running Norton Antivirus with this option turned on, and the master boot record has changed since the time of the snapshot being restored, then during the rollback Norton Antivirus prompts you to accept or reject the rollback changes to the master boot record. No matter which option you choose, the rollback continues normally but does not restore either the master boot record or the Windows registry. If you suspect problems with the master boot record or the registry and need these files restored, you should disable the option to protect the boot code, then run the rollback (or have your administrator run it) again. Troubleshooting: Rollback Has Missing or Damaged Files There are some specific issues related to rolling back computers that have Microsoft Office installed. z If you are running Microsoft Office 97, a rollback might cause the Office Shortcut Bar icons to be incorrect. (They all show the same icon.) These are caused by outdated temporary files that remain on the computer after the rollback. To correct the problem, close the Office Shortcut Bar and delete the following files from your computer. They are located in the “Office\Shortcut Bar” subfolder of the folder containing your Microsoft Office program files (by default “C:\Program Files\Microsoft Office”). off3071.tmp off3071h.tmp off3071s.tmp Once the files have been deleted, the Office Shortcut Bar should display the correct icons. Recovery Solution Reference Guide 247 z If you were previously running Microsoft Office 97 but upgraded to Microsoft Office 2000, you should try to avoid rolling back your computer to a point in time when you had Office 97 installed. This might cause some Office files to be restored incorrectly. To correct the problem, you might need to reinstall Office. z If your computer's drive configuration has changed since the time of the snapshot to which you are rolling back, then the rollback restores your old drive configuration, but it's possible that one or more of your drives contains no data after the rollback is complete. To restore the data, perform a second rollback to the same snapshot you chose for the first rollback. Troubleshooting: Rollback Disables Computer If you roll back to a snapshot that was performed using a previous version of Recovery Agent, your Recovery Agent software is also rolled back. To bring your system up to date, you should reinstall the software using your existing account. Troubleshooting: Rollback General Protection Fault Error Message Certain Toshiba DVD-ROM drives, including the Toshiba Tecra 750 DVD, include a utility called Toshiba Access Panel. Under certain situations, a minor bug in this utility causes a General Protection Fault error “in module tapeng.exe at 0137:0040d919.” This error might occur after files are restored during a rollback using Recovery Solution. However, the rollback is successful; this error does not affect your data. Simply close the error message and restart the computer. Troubleshooting: DHCP Problems After Rollback Sometimes after a rollback is completed on the client computer, the DHCP service is not started and an error -1811 appears in event log. This can occur if during the rollback, the client computer requested the IP Address from the DHCP server. To resolve this problem, delete j50.chk from the Windows DHCP folder and then restart server or start DHCP service manually. Troubleshooting: Other Issues z Troubleshooting: DCOM on page 249 z Troubleshooting: FrontPage 98 Personal Web Server Conflict on page 250 z Troubleshooting: Logon Problems on page 250 z Troubleshooting: Cannot Access Dialog Box Buttons on page 251 z Troubleshooting: Connection Firewall on page 251 z Troubleshooting: Fast User Switching on page 252 z Troubleshooting: Unknown Solution on page 252 z Troubleshooting: Event Viewer on page 252 Recovery Solution Reference Guide 248 Troubleshooting: DCOM DCOM is a Windows component that Recovery Solution uses for communication between your computer and the server. Usually it is installed and configured automatically, and you don't have to do anything with it. However, installing or removing certain Windows components can result in configuration changes that prevent Recovery Solution from being able to use DCOM. The specific symptoms of DCOM configuration problems are different depending on which version of Windows you are running. Windows 2000/XP This section describes DCOM configuration problems you might encounter under Windows 2000 and Windows XP. Symptom Trying to view protected files or open the options window results in the error “The authentication service is unknown (0x800706d3).” Explanation It's likely that the remote procedure call (RPC) locator service has been removed from your computer. This is a communication service required for proper DCOM operation. The RPC service gets removed if you uninstall the Client for Microsoft Networks networking component. Solution You must reinstall Client for Microsoft Networks. To do so, see To add a network component in Windows Help. Once it is installed, you can disable it by clearing the checkbox next to it in the list. This prevents the client component from being used, but it does not remove the RPC files that DCOM applications require. Windows 98 SE This section describes DCOM configuration problems you might encounter under Windows 98 SE. Symptom When you try to view protected files or open the options window, nothing happens. Explanation It's likely that the Client for Microsoft Networks networking component has been removed from your computer. DCOM is frequently configured to use this networking component for communications. Solution You must reconfigure DCOM. To do this, run the file dcomcnfg.exe, which is usually located in the SYSTEM subfolder of your Windows folder. Click the Default Properties tab, then under Default Authentication Level, click (None). Click OK to apply the changes and close the window, then restart your computer. Recovery Solution Reference Guide 249 Troubleshooting: FrontPage 98 Personal Web Server Conflict If you have FrontPage 98 Personal Web Server installed, you might need to change the following default Personal Web Server setting to allow you to take snapshots manually. 1. From the Windows Start menu, click Settings. 2. Click Control Panel. 3. Open the Network applet. 4. Click Personal Web Server. 5. Click Properties. 6. Change the Use Local Security option to FALSE. 7. Click OK. Troubleshooting: Logon Problems There are a number of reasons that you might have difficulty logging onto the server. z If you entered your user name and password and nothing is happening, it might just be taking a while. Your connection to the server depends on various conditions. If nothing happens after several minutes, see the items below. z If your user name and password are not accepted, make sure they are correct. Passwords are case-sensitive, so “PASSWORD” is not the same as “password.” z If you keep getting prompted to reregister your computer or enter your logon information, and you are sure you have entered your user name and password correctly, it's possible that one of the following has happened: The server software has been recently reinstalled. Restart your computer and try again. Your account has been locked out. This is most likely to happen if you are running Windows 9x/Me, and the server is authenticating users locally (not via a domain). In this case, the operating system on the server counts all Recovery Solution connections as invalid logon attempts. If you've restarted your computer several times in a row, you might have to wait until the account lockout expires, then restart your computer again in order to access Recovery Solution. Your administrator should be able to determine what the account lockout policy on the server is. z If the administrator has upgraded the copy of the console that is installed on the server, but has not yet upgraded the server software, you'll be unable to use Recovery Solution until the administrator completes the upgrade. You might want to let the administrator know that you are having problems. z If you are running Windows 9x/Me and you log onto a Windows NT domain, make sure that your user name and password, as well as the name of the domain itself, do not contain extended ANSI characters. These characters have character codes greater than 127 and are commonly used in non-English languages (Example: umlauts and characters with accents). They cannot be used with Recovery Solution because of a limitation in the Microsoft DCOM security component. For more information, see Troubleshooting: DCOM on page 249. If your account contains such characters, you can do one of the following: Recovery Solution Reference Guide 250 z If you have another account without extended ANSI characters, you can uninstall Recovery Agent, log onto Windows using your other account, then reinstall Recovery Agent. If you do not have another account without extended ANSI characters, or if these characters are in the domain name itself, contact your administrator for help. Certain networking and security components are required to be installed on your computer in order for Recovery Agent to work correctly. For more information, see Troubleshooting: DCOM on page 249. If you still have problems, contact your Recovery Solution administrator for help. Troubleshooting: Cannot Access Dialog Box Buttons The minimum screen resolution requirement for Recovery Agent is 800 x 600. z If you are using an 800 x 600 screen resolution and displaying Large Fonts, you might need to move the Recovery Agent Options dialog box up a little bit on your screen before you can access the buttons. To do this, click the very bottom tip of the window title bar and drag it up as far as it will go. The buttons at the bottom should come into view. z The 640 x 480 screen resolution is not supported. z If you are running at this resolution, you should change to an 800 x 600 or higher resolution if possible. If you need to access the Recovery Agent Options dialog box buttons at a 640 x 480 resolution, you can use the following shortcut keys while the dialog box is displayed. ENTER to click the OK button. ESC to click the Cancel button. Troubleshooting: Connection Firewall If you are running either Windows XP or Windows Me, you have the option of using a built-in Windows firewall to safeguard your computer while it is connected to the Internet. Unfortunately, this firewall prevents the server from reaching your computer, meaning that some Recovery Solution functions will not work. Recovery Solution features that do not work through a Windows connection firewall include the following. z Scheduled snapshots. z Rollbacks started by your administrator. Note Internet Connection Sharing uses the Windows firewall by default, so if you use Internet Connection Sharing then you could run into the same problem. If you are behind a corporate firewall, or on a VPN connection to a network that has a firewall, your computer is probably protected by that firewall and you can turn your personal firewall off. Assuming that the server is on the same network, this should allow all features to work properly. See also Firewall Configuration on page 271. Recovery Solution Reference Guide 251 Troubleshooting: Fast User Switching If you are running Windows XP and your computer is not part of a Windows domain, then a feature known as “Fast User Switching” might be enabled on your computer. This feature lets multiple users log onto the computer simultaneously, and then the computer can be quickly switched from one user's settings to another. Recovery Solution does not currently support this environment. We recommend that you disable Fast User Switching while Recovery Solution is installed. If you do not disable Fast User Switching, the most noticeable issue is that only one logged-on user at a time will be able to interact fully with Recovery Solution. The other logged-on users won't see the Recovery Agent desktop and system tray icons, and might not be able to open certain Recovery Agent windows or perform manual tasks with the program. Which user is able to perform these tasks might vary depending on order in which they logged on. Troubleshooting: Unknown Solution Recovery Agent Help does not appear to have a solution for your problem. If you need additional assistance, check with your Recovery Solution administrator. Troubleshooting: Event Viewer For more information, see “Troubleshooting the Event Viewer” in the Recovery Solution User’s Guide. Recovery Solution Reference Guide 252 Chapter 14 Technical Reference This section contains additional information about Recovery Solution. z Product Limits (page 253) z Performance Tips (page 254) z Settings Information (page 257) z Technical Information (page 276) z Command Line Utilities (page 279) z Stopping and Starting the Recovery Solution Server Service on page 289 z Recovery Solution Infrastructure Backup and Restore (page 290) Product Limits Listed below are some of the known limits of Recovery Solution. z Data Protection & Recovery Limits The following restrictions apply to snapshots. z Recycle Bin files are automatically excluded from all snapshots. You cannot change this option. A maximum of 32767 versions of any one protected file can be stored on the cluster. On Windows 9x/Me protected computers, data that is transmitted to the server can be encrypted while in transit, but data that comes from the server cannot (i.e., snapshots are encrypted, but recoveries are not). This is because of a limitation of Windows 9x/Me, which cannot receive encrypted DCOM data. Full System Recovery Limits The following restrictions apply to Full System Recovery. Full System Recovery cannot be performed on a protected computer running disk compression software (such as DriveSpace or Stacker). Full System Recovery that copies data from the network might not work on Windows 95/98 computers that are using real-mode DOS drivers. Protected computers that were upgraded from Windows 3.1 to Windows 9x might be using such drivers. To perform Full System Recovery on these computers, you must either configure them to use Windows drivers, or include the real-mode drivers in the temporary operating system you place on CD-ROM. Alternatively, you can recover these computers completely from CD-ROM. Be sure to click the option to Include all user data on CD-ROM when creating the CD-ROM. Recovery Solution Reference Guide 253 Performance Tips Though not required to use Recovery Solution, the following information could help you get better performance from the product. The following topics are covered in this section: z Data Protection Performance (page 254) z Restore Performance (page 255) z Changing DCOM Protocols (page 255) z Configuring Microsoft Network Load Balancing (page 256) Data Protection Performance Following are some tips you can use to ensure that snapshots run efficiently. z You can help to improve the speed of baseline snapshots by seeding the cluster with files that exist on most users’ computers. Since Recovery Solution checks for the existence of each file on the cluster and only transfers it if is not already there, seeding the cluster with common operating systems, programs, and other files can reduce the amount of time that the initial snapshot takes for most or all protected computers. Seed the cluster just after you set it up, and before allowing users to take a snapshot. Many of the files being protected will then already exist on the cluster. Here are some examples of files you might want to initially add to the cluster. Windows XP, Windows 2000, Windows NT, Windows Me, Windows 98, and Windows 95 installations. Applications used throughout your company, particularly those that take up moderate to large amounts of disk space. Common examples are Microsoft Office, Microsoft Internet Explorer, Netscape Communicator, and Lotus Notes. Common data files that might reside on many users’ hard disks. If you seed the cluster with multiple protected computer installations, you should perform snapshots one at a time, allowing each one to complete before starting the next one. That way you are sure to get the maximum benefit from Redundant File Elimination and Redundant Block Elimination. z Try to avoid having a remotely connected computer be the first one to protect any particular application. Instead, protect a computer on the network that has this application installed to eliminate the need to transfer the application over a slow link. z If snapshots are exceptionally slow for protected computers running Windows 2000/ XP, you might benefit from changing the primary DCOM protocol being used for communications. For more information, see Changing DCOM Protocols on page 255. z If you are using Microsoft Network Load Balancing with Recovery Solution, snapshot performance can be improved by appropriately configuring your Network Load Balancing Cluster settings. For more information, see Configuring Microsoft Network Load Balancing on page 256. z If your protected computers use HTTP protocol for communication with Recovery Server (for information, see Configuring Communication Settings on page 110), you can improve the performance of jobs on clients running Windows 98 SE and Recovery Solution Reference Guide 254 Windows 2000, by clearing the Enable Integrated Windows Authentication (requires restart) checkbox in Windows Control Panel > Internet Options > Advanced tab > Security on client computers. In this case, a less secure (but more robust) NTLM protocol will be used for authentication with the server. Restore Performance Following are some tips you can use to ensure that recoveries run efficiently. z Over a dial-up connection, it is practical to restore up to a few tens of megabytes. For larger file sets, or for Full System Recovery, it makes more sense to ship user data on CD–ROM to the remote location. Alternatively, you can send the protected computer to a place where it can be connected at high speed to the server, and restore the data from there. z If recoveries are exceptionally slow for protected computers running Windows 2000/ XP, you might benefit from changing the primary DCOM protocol being used for communications. For more information, see Changing DCOM Protocols on page 255. Changing DCOM Protocols Most of the data transferred back and forth between protected computers and the server is sent via Microsoft Distributed Component Object Model (DCOM). DCOM itself employs RPC (remote procedure call) to actually send messages from one networked computer to another. When running on Windows 2000/XP, DCOM can be configured to use any of several different RPC network protocols to send and receive messages. By default, Windows uses UDP (commonly known as datagram packets) protocol. UDP typically uses less network bandwidth and is quicker than TCP—unless packets start getting lost regularly. Since UDP is a connectionless protocol, DCOM itself handles the retransmitting of packets that fail or become lost. If the network is busy or has other problems that cause a number of DCOM packets to get lost, then data transfer rates can become very slow because DCOM has to retransmit a large number of packets. This can greatly impact the performance of snapshots and recoveries. To improve performance in these situations, you can configure a protected computer to use TCP as its primary DCOM protocol. Note This change is not applicable to Windows 9x/Me computers, which always use TCP for DCOM communications. To configure DCOM to use TCP as its primary protocol 1. On the protected computer, from the Windows Start menu, click Run. 2. Enter DCOMCNFG.EXE. 3. Do one of the following: z Change the list of DCOM protocols used specifically for Recovery Solution. This is safer than changing the default DCOM protocols for the entire system. However, it involves a few more steps, and if Recovery Agent is ever uninstalled and reinstalled on the protected computer, the changes are lost and must be made again. Recovery Solution Reference Guide 255 To change the list of protocols for Recovery Solution, do the following. a. On the Applications tab, in the Applications list, select Altiris Recovery Solution Agent. b. Click Properties. c. Click Endpoints. d. Click Add to add all missing protocols except Connection-oriented TCP/IP to the DCOM Protocols and endpoints list. This helps to ensure that a connection can be established even if something goes wrong with the TCP/IP communications. z e. If Connection-oriented TCP/IP appears in the list but is not at the top, select it and click the Remove button. This is the only way to change its position in the list. f. If Connection-oriented TCP/IP does not appear in the list, add it to the list as follows. Click Add. In the Protocol Sequence list, click Connection-oriented TCP/IP. Click OK. Click OK to accept the changes. Change the default list of DCOM protocols for the entire system. Changing the default protocols for the system might give you similar advantages for other applications, but it might also cause problems for other applications that use DCOM and must use UDP for communications. In most cases, however, it should not matter which protocol is used. Example To change the list of default protocols, do the following: g. Click the Default Protocols tab. h. In the DCOM Protocols list, look for the item Connection-oriented TCP/IP. If you do not see it, add it to the list as follows. Click Add. In the Protocol Sequence list, click Connection-oriented TCP/IP. Click OK. i. In the DCOM Protocols list, select Connection-oriented TCP/IP. j. Click the Move Up button repeatedly until Connection-oriented TCP/IP is at the top of the list. 4. Click OK to save the changes and exit Distributed COM Configuration Properties. 5. Restart the computer. Configuring Microsoft Network Load Balancing If you are using Microsoft Network Load Balancing with Recovery Solution, you can configure your Network Load Balancing cluster properties to improve snapshot performance as follows. Recovery Solution Reference Guide 256 1. Open Network Load Balancing Manager console for your cluster through Windows Start menu > Control Panel > Administrative Tools. 2. Right-click cluster name in the Network Load Balancing Clusters list on the left and select Cluster Properties from the drop-down menu. 3. In the Cluster Properties dialog window on the Port Rules tab select the Defined port rules for Recovery Solution and click the Edit button to open the Add/Edit Port Rule dialog window. 4. Set Affinity to Single in the Filtering mode section. 5. Click OK to save the settings and close the Add/Edit Port Rule dialog window. 6. In the Cluster Properties dialog window go to Cluster Parameters tab and set Cluster operation mode to Multicast. 7. Click OK to save settings and exit Network Load Balancing Manager. Settings Information This section contains additional information about settings created and used by Recovery Solution. z User Account and Share Configuration (page 257) z Microsoft SQL Server Settings (page 259) z Event Log Configuration (page 261) z Internet Information Server Configuration (page 261) z ODBC Configuration (page 265) z DCOM Configuration (page 266) z RPC Dynamic Port Allocation (page 270) z Firewall Configuration (page 271) z Web-Based File Recovery Configuration (page 272) z Job Schedule Worksheet (page 274) User Account and Share Configuration During Setup, Recovery Solution Server creates Windows users and shared folders as needed to simplify deployment and to allow the server to communicate with the protected computers.Automated Account Configuration Recovery Solution Reference Guide 257 Recovery Solution automatically creates the following user accounts and groups. Account Configuration Account or Group Description XUSR_RepNDM User Account (Local) Recovery Solution requires this special account for communicating (via DCOM) between the server and the protected computers. This account is given the minimum default rights assigned to users; it requires only the Access this computer from the network right to be used by Recovery Solution. The account is created locally on the server, so it cannot be used to access other computers on the domain. All the required accesses are configured through DCOM. AeXRS_Users User Group (Local) This group is given the access rights to protect and restore files with Recovery Solution. You can change its name during Recovery Solution Server Setup, but not thereafter. By default, this group contains the Domain Users group, which means that all domain users have the necessary rights to protect their computers. Notes If you have users on trusted domains that you want to be able to use the server, you must add those users to the Domain Users group for the server or the AeXRS_Users group before they can use Recovery Solution. If the server is installed using local server security, this user group is granted the Log on locally right on the server, which is required for access to Web-based file recovery. If you do not intend to use Web-based file recovery, you can remove this right through Windows. If you want to restrict access to certain individual users, you will have to remove Domain Users from AeXRS_Users. Windows domains allow different types of user groups, including local and global. Because of the way the Windows security model works, you can simplify administration tasks by using a combination of local and global groups. Global groups can only contain users, but local groups can contain both users and global groups. For granting access, we recommend that you create a new global group in the domain, add the users to the global group, and then add the global group to the local group AeXRS_Users. This strategy offers you maximum flexibility in more complicated situations—you get the ease of managing a global group for the individual users combined with the ease of adding other entire groups to the local AeXRS_Users group as appropriate. Example: if you begin your deployment by allowing access to a select group of pilot users (by creating a global group of those users and adding it to the AeXRS_Users local group), you can then easily expand by allowing access to one department at a time, simply by adding their department global groups to the AeXRS_Users local group. Recovery Solution Reference Guide 258 Account Configuration (Continued) Account or Group Description AeXRS_Manage rs User Group (Local) This group is given the rights to restore data for any client using the Migrate utility and Web-Based File Recovery. Altiris Helpdesk Technicians User Group (Local) Members of this group have rights to perform certain Recovery Solution tasks through the Altiris Console. Shared Folders Recovery Solution Server Setup automatically creates a folder for Recovery Agent installation files and shares it so that users can easily install the software from this folder. By default, the folder is stored within the server program files folder. Microsoft SQL Server Settings Recovery Solution Server Setup automatically configures Microsoft SQL Server. Following is a list of the changes that are made. Performance Enhancements Currently, Recovery Solution Server Setup changes only the Max Worker Threads setting from its default. This change is based upon our experiences in two sets of early Beta deployments of the product. Max Worker Threads Configures the number of worker threads that are available to SQL Server processes. SQL Server makes use of the native thread services of the operating system. Instead of one worker thread, there are many. Each network that SQL Server simultaneously supports is supported by one or more threads, another thread handles database checkpoints, and a pool of threads handles all users. The max worker threads option allows you to control the number of threads allocated to the user pool. When the number of user connections is less than max worker threads, one thread handles each connection. However, if the number of connections exceeds max worker threads, thread pooling occurs. Additionally, if the configured value for worker threads is exceeded, the request is handled by the next worker thread that completes its current task. The default is 255. —Microsoft Transact-SQL Reference Additional Information A worker thread performs a database operation on behalf of a client. While it may seem that one thread per connection is ideal for performance, an excessive number of threads will cause the server to spend more time simply managing the threads and can result in significant contention for CPU time among the threads. In a 1996 Compaq TPC-C benchmark with SQL Server 6.5 running on Windows NT 4.0, the optimal setting for max worker threads was 100, even with 5000 concurrent users. Recovery Solution Reference Guide 259 Databases Setup creates and configures databases as follows. z Recovery Solution Database The default name for this database is AeXRSDatabase, although during a custom installation you have the option to change it. Setup creates and configures the database as needed. z Database Backups Setup creates a backup device for the database. It also schedules regular backups of the database. For more information, see Job Schedule Worksheet on page 274.) Caution Make sure that the schedules for database backup and Recovery Server jobs (such as Server Space Management and Integrity Check) do not coincide; otherwise data storage corruption can occur. Security Setup makes the following changes to Microsoft SQL Server security settings. z SQL Login To limit any security risks, Recovery Solution creates its own Microsoft SQL Server login (named AeXRSDatabaseUser by default) that it uses whenever it needs to access the Recovery Solution database. This login is a member only of the db_owner fixed database role (not the sysadmin role as it used to be Recovery Solution 6.1 and earlier versions) in and has full access only to the Recovery Solution database. Its default password is password. Note The default password cannot be changed. z Authentication In Microsoft SQL Server 2000, the default authentication mode is Windows only. Recovery Solution Server Setup changes this to SQL Server and Windows to allow authentication via the SQL login created specifically for Recovery Solution. Note For Recovery Solution to function properly, Notification Server admin must have dbo rights for Recovery Solution database. Recovery Solution Reference Guide 260 Event Log Configuration During server setup, Recovery Solution automatically makes the following changes to the configuration of the Windows event logs. Event Log Table Log Change Made Reason System Event Log Prevents warning messages from appearing on the server when the event log fills up. Wrapping: Overwrite Events as needed. Application Maximum Log Size: Ensures that enough log entries are retained so that troubleshooting can be performed if necessary. 10240 KB (10 MB) Application Event Log Wrapping: Overwrite Events as Needed Prevents warning messages from appearing on the server when the event log fills up. Recovery Solution Server uses this event log extensively, so it can fill up quickly. We recommend that you leave these settings the way Setup has configured them. Internet Information Server Configuration This section describes the Microsoft Internet Information Server settings that Recovery Solution needs in order for the Web-based installation wizard to function properly. If you did not accept the default settings during IIS installation, or if you changed your IIS configuration, you might need to verify your settings with the list below. Recovery Solution Reference Guide 261 The following virtual directories must exist in the IIS configuration on the server. Their settings must match those in the following table. Virtual Directory Name Agent AsMext LogFiles WBFR Actual Folder The “AgentWeb” subfolder of the shared Recovery Agent installation subfolder of the program installation folder. By default, this is C:\Program Files\Altiris\Recovery Solution\Server\Agent\ AgentWeb. The “ASMext” subfolder of the shared Recovery Agent installation subfolder of the program installation folder. By default, this is C:\Program Files\Altiris\Reco very Solution\Server\ Agent\ASMext. The “LogFiles” subfolder of the “System32” subfolder of the Windows folder. By default, this is %WINDIR%\ System32\ LogFiles. The folder where the Web-based file recovery program files are stored. Web access permissions Read must be checked None required. Read must be checked. Read must be checked. Web application permissions Execute (including scripts) must be selected. Execute (including scripts) must be selected. Default Document(s) for Web Browsing Enable Default Document must be checked, and “Default.htm” must be included as a default document. Recovery Solution Reference Guide Not required. If Web-based file recovery was configured automatically during installation of the server, then this is the folder that was specified for Webbased file recovery during Setup. By default, the folder is C:\Program Files\Altiris\Recovery Solution\Server\WBFR None required. Script must be selected. Not required. Enable Default Document must be checked, and “Default.asp” must be included as a default document. 262 Virtual Directory Name Agent Web Authentication Methods z Basic Authentication must be checked. z Integrated Windows authentication (Windows 2000) Windows Folder Security Settings z The SYSTEM user must have Full Access. z The AeXRS_Manager s (or the name of your administrators group for Recovery Solution) must have Read access. z The AeXRS_Users (or the name of your administrators group for Recovery Solution) must have Read access. AsMext LogFiles z Allow Anonymous Access must be checked. z Allow Anonymous Access must be checked. z Integrated Windows authenticatio n (Windows 2000) z Integrated Windows authentication (Windows 2000) The Everyone user group must have Full Access. The Everyone user group must have Full Access. WBFR z Integrated Windows authentication (Windows 2000) z For Windows 2000, the folder and all contents must have the Allow inheritable permissions from parent to propagate to this object box cleared. z The user group for Recovery Solution (by default AeXRS_Users) must have Read access to the main folder. z The Everyone user group must have Full Access to the following contents. All files in the “Image” subfolder. All files in the “Image” subfolder. All files in the “Image” subfolder. All “*.class” files. “FileDownload.asp” “GetFiles.asp” “GetFolders.asp” “Global.asa” “LogOff.asp” “ServerUtils.asp” “Styles.css” Recovery Solution Reference Guide 263 Virtual Directory Name AeXRSVault Actual Folder The “HTTPVault” subfolder of the shared Recovery Agent installation subfolder of the program installation folder. By default, this is C:\Program Files\Altiris\Recovery Solution\Server\HTTPVault. Web access permissions Read must be checked Web application permissions Execute (including scripts) must be selected. Default Document(s) for Web Browsing Enable Default Document must be checked, and “Default.htm” must be included as a default document. Web Authentication Methods z Basic Authentication must be checked. z Integrated Windows authentication (Windows 2000) Windows Folder Security Settings z The SYSTEM user must have Full Access. z The AeXRS_Managers (or the name of your administrators group for Recovery Solution) must have Read, List, and Execute access. z The AeXRS_Users (or the name of your administrators group for Recovery Solution) must have Read, List, and Execute access. z The XUSR_RepNDM user must have Read, List, and Execute access. Notes You can require users to establish an encrypted channel (https:// rather than http://) with your server before accessing the Web-based Setup Wizard or Web-Based File Recovery. The use of an encrypted channel, however, requires that the user's Web browser and your Web server both support the encryption scheme used to secure the channel. Before enabling encryption, you must install a valid server certificate. To require encryption in IIS, follow the procedure for enabling Secure Sockets Layer (SSL). For precise instructions, see the following topics in Internet Information Services section of Windows Help. Enabling Encryption Using Certificate Wizards Obtaining and Installing Server Certificates Configuring SSL Recovery Solution Reference Guide 264 ODBC Configuration During server setup, Recovery Solution configures Open Database Connectivity (ODBC) so that Recovery Solution can access its SQL Server databases. If you are having problems with Recovery Solution, you can verify that the configuration information is correct and update it yourself if necessary. To set up the ODBC connection to the database 1. From the Windows Start menu, click Settings > Control Panel. 2. Open the ODBC applet. The actual name of the applet varies depending on the version of Windows you are running. In Windows XP and Windows 2000, it can be found in the Control Panel Administrative Tools subfolder. 3. Click the System DSN tab. 4. Select AeXRSDatabaseDSN in the list and then click the Configure button. If you do not see this entry, you can add it as follows. 5. Click Add. Click SQL Server from the list and then click Finish. A wizard appears, walking you through the process of creating or modifying a data source to SQL Server. Set the values indicated below, and leave the defaults for any settings not mentioned here. In the Name field, type AeXRSDatabaseDSN. In the Server field, type the name of the server, then click Next. Under How should SQL Server verify the authenticity of the login ID?, choose With SQL Server authentication using a login ID and password entered by the user. Make sure the checkbox labeled Connect to SQL Server to obtain default settings for the additional configuration options is checked, then enter the SQL user name for Recovery Solution (the default name is AeXRSDatabaseUser) and its password, and click Next. Click Change the default database to, then select the database for Recovery Solution (AeXRSDatabase) from the list. Note Check this box even if AeXRSDatabase already appears in the list. Click Next. Click Finish. A confirmation screen appears next. Click the Test Data Source button to verify that the ODBC connection is working properly. You should then see a test results screen similar to the following. 6. Click OK in all open dialog boxes to complete the ODBC configuration. Recovery Solution Reference Guide 265 DCOM Configuration For secure communications among the server, consoles, and protected computers, Recovery Solution uses the Microsoft Distributed Component Object Model (DCOM), which consists of a set of system files installed on each computer. DCOM is a common operating system component that provides both flexibility and added security for many applications that run on a network. Windows 2000/XP contains DCOM as part of the basic operating system. On Windows 9x computers, Recovery Agent automatically installs the latest version of DCOM if necessary. All Recovery Solution Setup programs configure DCOM as needed to run Recovery Solution. Caution In rare cases, the DCOM configuration might be changed so that Recovery Solution no longer works properly. This may happen when another, third-party, setup program has reinstalled or reconfigured DCOM improperly. To set up DCOM on a protected computer 1. From the Windows Start menu, click Run. 2. Type DCOMCNFG.EXE, then click OK. 3. If the protected computer is running Windows XP, then do the following. In the Console Tree, browse to Console Root/Component Services/ Computers/My Computer, and select it in the list. From the Action menu or the context menu, click Properties. 4. Click the Default Properties tab. 5. Make sure the following default values are set. Enable Distributed COM on this computer is checked. The Default Authentication Level setting is Connect. The Default Impersonation Level setting is Impersonate. This setting allows the server to use each protected computer’s network account to perform actions on behalf of the protected computer. It prevents a protected computer from potentially using the network credentials of the server itself to perform operations that it would not be able to perform on its own. 6. Do one of the following. z Windows 98 (Second Edition) Computers z Click the Default Security tab. Check the box labeled Enable remote connection. Click OK. Windows 2000/XP Computers If the protected computer is running Windows XP, click OK to close the main DCOM properties dialog box, then in the Console Tree, expand My Computer/ DCOM Config. Scroll down the list until you see Altiris Recovery Solution Agent, and select that item. Recovery Solution Reference Guide 266 Do one of the following. z In Windows XP, from the Action menu or the context menu, click Properties. In Windows 2000, click the Properties button. Click the Security tab. Click the option to specify custom access permissions, then click the Edit button. Make sure that following users appear in the list, and are allowed access. INTERACTIVE SYSTEM Note If you prefer, you can choose to use default permissions and then make the security changes described below in the main DCOM properties. However, we strongly recommend that you use custom permissions for the objects, since you might not want all COM objects to have the rights you will assign to Recovery Solution. z Configure the launch permissions to be the same as the access permissions you configured above. z Click OK to close all open windows. To set up DCOM on the server 1. From the Windows Start menu, click Run. 2. Type DCOMCNFG.EXE, then click OK. 3. Scroll down the list until you see Altiris Recovery Solution RemoteService, and select that item. Recovery Solution Console uses this object to communicate with the server. 4. Click the Properties button, then click the Security tab. 5. Click Use custom access permissions, then click the Edit button. Make sure that following users and groups appear here. The local AeXRS_Managers group (or the name of your administrator group for Recovery Solution) INTERACTIVE SYSTEM Note If you prefer, you can choose to use default permissions and then make the security changes described below on the main tabs of the Distributed COM Configuration Properties window. However, we strongly recommend that you use custom permissions for the objects, since you might not want all COM objects to have the rights you will assign to Recovery Solution. 6. Click Use custom launch permissions, then click the Edit button and add the same users as you added for the access permissions in the previous step. 7. Click OK until you get back to the main Distributed COM Configuration Properties window. 8. In the DCOM Applications list, scroll down until you see Altiris Recovery Solution Server, and select that item. Recovery Solution Reference Guide 267 Recovery Agent running on protected computers uses this object to communicate with the server. 9. Click the Properties button, then click the Security tab. 10. Click Use custom access permissions, then click the Edit button. Make sure that following users and groups appear here. INTERACTIVE SYSTEM The local AeXRS_Managers group (or the name of your administrator group for Recovery Solution) The local AeXRS_Users group (or the name of your user group for Recovery Solution) Click Use custom launch permissions, then click the Edit button. Make sure that following users appear here. INTERACTIVE SYSTEM Caution Do not add XUSR_RepNDM or the AeXRS_Users local group to the Launch Permissions list. If you do, you will effectively lose control over when Recovery Solution is running. The reason is that this account is used automatically by all Recovery Agent installations. If it has launch permissions, then even if the service is stopped on the server, it will restart automatically as soon as a protected computer attempts to interact with the server. 11. Click OK until you get back to the main Distributed COM Configuration Properties window. 12. In the main Distributed COM Configuration Properties dialog box, click the Default Properties tab. 13. Make sure the following default values are set. Enable Distributed COM on this computer is checked. The Default Authentication Level setting is Connect. The Default Impersonation Level setting is Impersonate. This setting allows the server to use each protected computer’s network account to perform actions on behalf of the protected computer. It prevents a protected computer from potentially using the network credentials of the server itself to perform operations that it would not be able to perform on its own. 14. Click OK. Default DCOM security settings on the server The following tables display the full default DCOM security settings which must be configured on the Recovery Server: Recovery Solution Reference Guide 268 Abbreviations and acronyms Launch and activation permissions: LAct - Local Activation LL - Local Launch RAct - Remote Activation RL - Remote Launch Access permissions: LAcc - Local Access RAcc - Remote Access def - default lim - limit Default COM Security Permissions on the Recovery Server Group or user names LAct LL RAct RL LAct LL RAct RL LAcc RAcc LAcc RAcc def def def def lim lim lim lim def def lim lim INTERACTIVE X X X X SYSTEM X X X X Administrators X X X X X X X X X X X X X X X IUSR_... (Internet Guest Account) X X X X IWAM_... (Launch IIS Process Account) X X X X Distributed COM Users X X X X Everyone X X SELF ANONYMOUS LOGON X X X X AHMS {67B86D82-9B78-11D3-B597-00A0C91D0917} Group or user names LAct LL RAct RL LAcc RAcc INTERACTIVE X X X X X X SYSTEM X X X X X X AeXRS_Users X X Recovery Solution Reference Guide X 269 Altiris Recovery Solution Server (RSS) {864A9B22-6B68-11D1-9640-00C04FCD3EB0} Group or user names LAct LL RAct RL LAcc RAcc INTERACTIVE X X X X X X SYSTEM X X X X X X XUSR_RepNDM X X AeXRS_Users X X X X AeXRS_Managers X X X X Altiris Recovery Solution RemoteService (RmtSvc) {B438E666-9BE0-11D1-B83B-00A0C9843F26} Group or user names LAct LL RAct RL LAcc RAcc INTERACTIVE X X X X X X SYSTEM X X X X X X XUSR_RepNDM X X X X X X RPC Dynamic Port Allocation DCOM uses Remote Procedure Call (RPC) dynamic port allocation to randomly select port numbers above 1024 by default. You can control which port range RPC dynamically allocates for incoming communication and then configure your firewall to confine incoming external communication to that port range, port 135 (the RPC Endpoint Mapper port) and ports 43189 - 43190. To control RPC dynamic port allocation on the Recovery Server 1. From the Windows Start menu, click Run. 2. Type DCOMCNFG.EXE, then click OK. 3. In the Console Tree, browse to Console Root/Component Services/ Computers/My Computer, and select it in the list. 4. From the Action menu or the context menu, click Properties. 5. On the Default Protocols tab, select Connection-oriented TCP/IP in the DCOM Protocols list and click Properties button. 6. In the Properties for COM Internet Services dialog box click Add button. 7. In the Port range text box add a port range (ex. 55000-55199), then click OK. 8. Leave the Port range assignment and the Default dynamic port allocation options set to Internet range. 9. Click OK to close all dialogs and restart the server computer. Recovery Solution Reference Guide 270 On the client computer (optional) 1. From the Windows Start menu, click Run. 2. Type DCOMCNFG.EXE, then click OK. 3. In the Console Tree, browse to Console Root/Component Services/ Computers/My Computer, and select it in the list. 4. From the Action menu or the context menu, click Properties. 5. On the Default Protocols tab move Connection-oriented TCP/IP to the top of the list. 6. Restart the computer. Firewall Configuration To use Recovery Solution Server behind a firewall, a defined set of ports must be open to enable communication between the clients and the server. The following table lists these ports. Protocol Port Direction TCP and UDP 135 (DCOM) Both TCP 80 (HTTP) Both TCP 443 (HTTPS) Both TCP 43189 Inbound (to client) UDP 43190 Inbound (to server) TCP >1024 (DCOM) Both When using DCOM for communication, you must open the port range (>1024) used for Remote Procedure Call (RPC) dynamic port allocation. For more information, see RPC Dynamic Port Allocation on page 270. Notes You must open port 80 in case you are using HTTP for communication between clients and Recovery Server. You must open port 443 in case you are using HTTPS for communication between clients and Recovery Server. You must open ports 135, 1024 and above in case you are using DCOM for communication between clients and Recovery Server. You do not have to open port 43189 inbound to client if you enable the Allow Recovery Agent to initiate scheduled snapshot option in the Agent Settings. For details, see Configure Snapshot Settings on page 78. By default, when the Recovery Solution Agent service starts on protected computers running Windows XP or Windows 2003 Server, it will add port 43189 to the Windows Firewall Exceptions list. This functionality is controlled through the Enable Altiris Recovery Agent to modify Windows Firewall settings checkbox. For details, see Configure Miscellaneous Settings on page 94. Recovery Solution Reference Guide 271 Web-Based File Recovery Configuration Web-based file recovery is automatically configured during installation of the server, if all of the configuration requirements are met. If they are not, you can configure Web-based file recovery manually after the server is installed. To configure Web-based file recovery manually 1. If the Web-based file recovery program files are not stored on a drive formatted with the Windows NT file system (NTFS), then do one of the following. Move the WBFR folder to an NTFS drive on the server. Convert the drive where the Web-based file recovery program files are stored to an NTFS drive. You can do this using the Windows CONVERT.EXE command-line program. Caution Conversion to NTFS is an irreversible action. After converting a drive to NTFS, you cannot go back to the FAT file system without destroying the data on the drive. 2. On the server, open a command prompt and enter the following command. REGSVR32.EXE “Web-based file recovery folder\WFEngine.dll” Replace Web-based file recovery folder with the full path to the Web-based file recovery program files (by default, this is C:\Program Files\Altiris\Notification Server\Client Recovery Server\WBFR), but a different folder might have been specified during installation of the server. 3. Open the Internet Service Manager program. Note In Windows 2000, the default Start menu shortcut is Start > Programs > Administrative Tools > Internet Services Manager. 4. Create a new virtual directory for the Web-based file recovery folder as follows. In the Console Tree, select the Default Web Site item for the server. From the Action menu or the context menu, click New, then click Virtual Directory. Step through the wizard until you are prompted to specify an alias for the virtual directory, then specify one. The alias is the folder name that users will access when restoring files. To keep the configuration simple and consistent with the documentation, we recommend that you specify the default alias WBFR. After you have specified an alias, click Next. Specify the full path to the folder containing the Web-based file recovery program files, then click Next. Accept the default access permissions, which should include Read and Script access, but nothing else. Click the Next and Finish buttons as necessary to complete the wizard. 5. Configure the virtual directory as follows. Recovery Solution Reference Guide 272 In the Console Tree, select the virtual directory. From the Action menu or the context menu, click Properties. Do one of the following. If the server is running Windows 2000, then on the Virtual Directory tab, change the Application Protection option to Low (IIS Process). Click the Documents tab. Make sure that the checkbox labeled Enable Default Document is checked, and that Default.asp appears as one of the default file names in the list. If it does not, add it using the Add button. Configure access to the virtual directory as follows. 6. Click the Directory Security tab. Under Anonymous access and authentication control, click the Edit button. Clear the Anonymous access checkbox. You may also clear the box labeled Basic authentication (password is sent in clear text). Check the box labeled Integrated Windows authentication (Windows 2000). Click OK in all open dialog boxes until you return to the main Internet Service Manager window. Configure Windows security for the Web-based file recovery program files as follows. In the Web-based file recovery program files folder, open the properties for the following items, click the Security tab, and make sure that the Everyone group has Full Access rights to them. All files in the “Image” subfolder. The “Image” folder. All “*.class” files. “FileDownload.asp” “GetFiles.asp” “GetFolders.asp” “Global.asa” “LogOff.asp” “ServerUtils.asp” “Styles.css” When you have finished, click OK to close the Properties dialog box. z If the server is running Windows 2000, then for all files in both the main Web-based file recovery folder and the Images subfolder, click Properties/Security and clear the checkbox labeled Allow inheritable permissions from parent to propagate to this object, then click OK. z Open the properties for the main Web-based file recovery program files folder, WBFR. z Click the Security tab. Recovery Solution Reference Guide 273 z If the server is running Windows 2000, clear the checkbox labeled Allow inheritable permissions from parent to propagate to this object. z Give the user group for Recovery Solution (by default AeXRS_Users) the Read access permission to the folder. z You can remove any other access rights to the folder, although you might want to give yourself and/or other administrators full access. (Even if you do not, you can add the permissions later if the need arises.) z When you have finished configuring the security permissions, click OK to close the Properties dialog box. Configuring Web-Based File Recovery to run on Windows Server 2003 1. On the Windows Server 2003 computer, open the Computer Management window by clicking Start > Programs > Administrative Tools > Computer Management. 2. Expand the Services and Applications > Internet Information Services item. 3. Right-click Application Pool > New > Application Pool... 4. Name the new application pool with a WBFR specific name. Example: “WBFR”. 5. Click OK. 6. Right-click the new application pool and click Properties. 7. Click the Identity tab. 8. Select Local System. 9. Click OK and then click Yes on the warning shown. 10. Open properties of the Default Web Site > WBFR. 11. Under the WBFR Properties page, change the application pool for the WBFR virtual directory to the newly created application pool. 12. Click OK to save the changes. Job Schedule Worksheet The purpose of this worksheet is to help you schedule various activities that need to run on the server. Since multiple activities running at the same time could slow down Recovery Solution, you might want to divide processing time among the various jobs to allow them to run more efficiently. You can print this topic and fill in schedules as you create them. Some schedules are set by default when you install, but you can change them. The defaults are shown in the Recovery Solution Reference Guide 274 table below. The table also provides a sample schedule that you might wish to use as a guide.admin Supplemental Table Activity Default Schedule Manual Snapshots & Recoveries Actual Schedule Sample Typically Occur Daily Monday - Friday 8:00 A.M. to 5:00 P.M. Scheduled Snapshots Server Space Management Report Table Updates Daily Daily Monday - Friday Monday - Friday 7:00 A.M. to 7:00 A.M. to 7:00 P.M. 7:00 P.M. Weekly Daily Friday Monday - Friday 6:00 P.M. 5:00 A.M. to to 11:59 P.M. 7:00 A.M. None Daily 7:00 A.M. to 8:00 A.M. Back Up the Server to Tape None Weekly Saturday 8:00 A.M. Master Database Backup Weekly Weekly Sunday Sunday 12:00 A.M. 12:00 A.M. (Microsoft SQL Server default) Database Backup Deletion Weekly Weekly Sunday Sunday 5:00 P.M. 5:00 P.M. None Occasional Sunday after 5:00 P.M. Recovery Solution Reference Guide 275 Supplemental Table (Continued) Activity Default Schedule Actual Schedule Integrity Check Weekly Weekly Sunday Sunday 1:00 A.M. to 1:00 A.M. to 1:00 P.M. 11:59 P.M. Idle Time Sample Sunday after 5:00 P.M. Local Maintenance Job The Local Recovery Maintenance job starts regularly at 1 a.m. every Saturday by default, or before the snapshot if there is not enough free space on the Altiris Local Recovery partition. In the latter case the job will try to deallocate the amount of space that is required in order to perform at least two snapshots, meaning that more revisions of the files can be deleted than during a regular maintenance job. The Maintenance Job is automatically scheduled using the Windows Scheduled Tasks service and its task can be found in Windows Control Panel > Scheduled Tasks list. By default, the task is set to wake the computer to run the job (the computer will be shut down after completion). You can control the power management options on the Settings tab of the scheduled tasks’s Properties. The job consists of two phases and performs the following tasks: z z Integrity check checks the Altiris partition checks the database’s integrity checks the BLOB files for consistency cleans up the corruptions in the database and BLOB files (if a BLOB cannot be repaired it will be deleted) optimizes the database for better performance Storage Space Management job deletes files which were selected by the user for deletion (the files in the golden image and the files marked as locked will be never deleted) deletes the files added to the Exclude list by the user deletes the revisions of the files according to the Storage Space Management rules defragments the BLOB files residing on the BootWorks partition Technical Information This section contains miscellaneous technical information about Recovery Solution. Protected Computer IP Address Updates (page 277) How Recovery Works (page 277) Recovery Solution Reference Guide 276 Recovery Disk Space Needed (page 278) Protected Computer IP Address Updates Successful communications between the cluster and each protected computer require the use of the protected computer’s IP address. The cluster keeps a record of each protected computer’s IP address in the database. In the event that a protected computer’s IP address changes, the new information must be sent to the cluster to ensure that Recovery Solution continues working properly on that protected computer. z If the IP address change requires the protected computer to be restarted, then the update does not occur until the computer is restarted. z If the IP address change does not require the protected computer to be restarted, then the IP address update happens automatically the next time any of the following events occurs. Approximately 5–10 minutes passes. Periodic updates are sent automatically. Recovery Agent is restarted. This normally occurs only when the computer is restarted, but it is also possible to restart Recovery Agent by stopping and starting the Control Panel service Altiris Recovery Solution Agent. A Dial-Up Networking connection on the protected computer is started or disconnected. Snapshot on idle runs. How Recovery Works Restoring a file from the cluster is as simple as dragging and dropping the file to its destination. When a user restores a file, Recovery Solution does the following. 1. Determines if the copy of the file being recovered is different from the copy that already exists on the user’s computer. If a user recovers an entire folder. Example: it is possible that some of the files it contains have not changed and do not need to be transferred from the server. 2. If the file needs to be copied, determines if the file was originally obtained from that user’s computer, or if the snapshot just contains a placeholder with information about where an identical file is stored. Remember that Recovery Solution includes each file in a snapshot only once. If a placeholder was used during the snapshot, Recovery Solution locates the actual file. 3. Decompresses the file and copies it to the protected computer. During this process, Recovery Solution reconstructs the file if more than one version was included in a snapshot. Since the file was copied in its entirety only for the baseline snapshot, restoring a later version means assembling the pieces of the file that were copied during the baseline and during subsequent snapshots. The file is constructed as the pieces are downloaded. Recovery Solution Reference Guide 277 Files are reconstructed quickly, so there is usually little time difference between Recovery Solution restore and a simple file copy. Recovery Solution does all of these things automatically. If a user restores an entire folder or a drive, Recovery Solution performs these actions for each restored file. The result is that the user gets complete copies of restored files as they were at the time of a snapshot. You can also use either rollback or Full System Recovery to return the files on the computer to their state at a selected point in time. This can be useful to reverse unwanted changes to the operating system and other important files. Users can also perform rollbacks themselves. Specific files can also be restored from Full System Recovery CD-ROMs if the protected computer is bootable. This can be useful if a remote user is not on the local network and needs to restore files quickly. A Full System Recovery CD-ROM can be passwordprotected, in which case an Recovery Solution user name and password are required to access the files on the CD-ROM. For more information on password-protection and access to CD-ROM data, see Full System Recovery Disk Creation on page 134. How the Temporary Operating System Is Created Every time a protected computer starts, a system file installed with Recovery Solution monitors which files are accessed during the startup process. This is the File Access Logger, or FAL, and it creates a log that contains the list of startup files. A corresponding FAL Stopper, which appears as a service under Windows 2000/XP, stops the FAL as soon as Windows has finished starting up. When a Full System Snapshot is performed, the FAL log is sent to the server and stored along with the protected files. When you create Full System Recovery disks, Recovery Solution also creates a temporary operating system from this list of startup files and stores a compressed copy of this operating system in a CD-ROM image. When compressed, a small temporary operating system image uses about 20 MB of disk space, but depending on the protected computer’s configuration it is possible to have a much larger image. For a Windows 2000 computer, you will typically need about 100 MB. Recovery Disk Space Needed In general, to recover a file a protected computer must have at least the size of the recovered file in free disk space. However, this rule might not suffice in all situations. Redundant Block Elimination, which minimizes the amount of disk space needed to store multiple versions of protected files, also requires a little extra disk space on the protected computer for recovering files. If there is not enough free disk space, the user encounters an error when attempting to recover the file. The actual calculations for the amount of disk space needed are somewhat involved, but if you have an idea about how big the earlier versions of a file have been, you can at least determine the maximum amount of space that would be needed to recover the file. To calculate the maximum amount of recovery disk space required 1. Determine the largest size that the file has been since it was first protected. If multiple files are being recovered as one job, determine the largest size that any one of the recovered files has been since it was first protected. Recovery Solution Reference Guide 278 Since files increase in size more frequently than they decrease, in many cases the size of the version being recovered is an adequate estimate of the largest file size. Example: Suppose 3 files are being recovered, with file sizes 200 KB, 250 KB, and 100 KB. If the 250 KB file has always been the largest file, and it was once 400 KB at the time of a snapshot, then use 400 KB as an estimate of the largest file size. 2. Add the sizes of any remaining files being recovered. Example: To 400 KB, add the sizes of the other two files (200 KB and 100 KB). The total amount of disk space needed to recover the files is 700 KB. Command Line Utilities z AeXRSEnc Utility (page 279) z AeXMigrt.com Utility (page 282) Local Recovery has a number of utilities, which you can use to work on Altiris partition. The following utilities are described: z BWINST Utility (page 288) z RECREATE Utility (page 289) AeXRSEnc Utility AeXRSEnc.exe utility lets administrator encrypt and decrypt the policy.cfg file that contains Recovery Agent settings on client computers. The utility is especially useful in case Recovery Solution is installed without Notification Server. In this case administrator can modify Recovery Agent setup package to contain custom agent settings. The recovery.xml file is an ASCII file that controls where the Recovery Agent stores its settings and accessibility to which tabs in the agent UI is controlled via password. This file is encrypted using Microsoft's implementation of RC2 algorithm with 40bit encryption key. This algorithm is widely used in a number of commercial software packages, including Lotus Notes, Microsoft Windows, Internet Explorer and Netscape Communication's Navigator and Communicator (refer to the RSA Data Security, Inc. web site at http://www.rsasecurity.com for more details on this algorithm). To replace the policy.cfg file in AgentSetup.exe package you can use the ASPack utility found in install path\Altiris\Recovery Solution\Console\Tools folder on the computer where Recovery Solution is installed. To download the AeXRSEnc utility 1. In the Altiris Console, click the Tasks tab. 2. In the left pane, select Tasks > Incident Resolution > Recovery Solution > Agent Settings Decryption/Encryption Utility. AeXRSEnc utility usage To encrypt the recovery.xml file outputting the encrypted recovery.cfg file in the current working directory, run: AeXRSEnc.exe -e|-encrypt To decrypt the recovery.cfg outputting the decrypted recovery.xml file in the current working directory, run: Recovery Solution Reference Guide 279 AeXRSEnc.exe -d|-decrypt For help, run: AeXRSEnc.exe -h|-help Policy XML File Description The client settings stored in .XML files (policy.cfg and usercfg.xml) are installed with Recovery Agent. These .XML files can be found in the Recovery Agent’s Config folder. The policy.cfg file is encrypted and contains all Recovery Agent settings; the usrcfg.xml is stored in plain text and contains custom user settings (the file is empty by default). To encrypt or decrypt the policy.cfg file you must use the AeXRSEnc.exe utility. The policy.cfg reflects the settings from the Altiris Console; the non-encrypted usrcfg.xml contains custom user settings, which will override the settings defined in Console in case the permissions are set to allow it. The usrcfg.xml has the same XML structure that the policy.cfg has, except the inherit and permission attributes and some other sub-categories, which can not be modified through the Recovery Agent Options, such as <UserRight>, <HealthAlerts>, <SpaceUsage> etc. The policy.cfg must contain all the settings (none of them can be deleted from policy.cfg), but the usrcfg.xml file can be empty. All Recovery Solution settings are grouped together under different categories. On the top level, all Recovery Agent settings are divided into three categories that reside inside the <AgentSettings> root XML tag: <AgentSettings> <RemoteSettings> ... </RemoteSettings> <LocalSettings> … </LocalSettings> <CommonSettings> … </CommonSettings> </AgentSettings> The <RemoteSettings> category contains server-based Recovery Agent settings. The <LocalSettings> category contains Local Recovery Agent settings and the <CommonSettings> category contains common settings for both Recovery Agent modes (server-based and local). Inside the top three categories, the settings are grouped by sub-categories, such as: z <SnapshotSettings> - Snapshot and Snapshot Schedule settings z <SnapshotExcludes> - Snapshot excludes z <RollbackExcludes> - Rollback excludes z <SpaceManagement> - Space Management settings Recovery Solution Reference Guide 280 z <SpaceUsage> - Storage quota settings (server-based mode only) z <HealthAlerts> - Health Alerts settings (server-based mode only) z <BandwidthThrottling> - Bandwidth Throttling settings (server-based mode only) z <MiscSettings> - Miscellaneous settings z <ConnectionManagement> - Connection Management settings (server-based mode only) z <UserRights> - User rights z <RemoteAccessSettings> - Remote Access settings (server-based mode only) z <TransportSettings> - Transport settings (server-based mode only) z <HiddenTransportSettings> - Transport settings that depend on cluster network settings (server-based mode only) z <StorageManagement> - Storage settings (local mode) z <F11RecoverySettings> - F11 Recovery settings (local mode) The sub-categories contain two attributes (that exist only in policy.cfg file and absent in usrcfg.xml): permission and inherit. The permission attribute controls the settings behavior. The inherit attribute is not used by Recovery Agent, it was reserved for the Altiris Console usage only. The permission attribute can have one of the three values: z ReadOnly - the settings for this sub-category are taken from policy.cfg and cannot be modified by user from the Recovery Agent Options. z Edit - the settings for this sub-category could be overridden by user settings modified from the Recovery Agent Options. The overridden settings are stored in usrcfg.xml. In case of Edit permission, the settings for current sub-category will be first looked up in usrcfg.xml and if they are absent then the settings will be taken from policy.cfg. z Append - this attribute is used only for Snapshot and Rollback excludes. In case of the Append permission, the settings (list of excludes) are taken from policy.cfg and usrcfg.xml. Caution We do not recommend manual modification of policy.cfg or usrcfg.xml files, because any misprint can cause the Recovery Agent to become totally unusable. The best practice is to modify the settings from the Altiris Console. Here is the example of how to modify the Hide client UI settings using the policy file: z Get the AeXRSEnc.exe utility and copy it to the Recovery Agent Config subfolder. Then run it using the following command line: AeXRSEnc.exe -d This will decrypt the policy.cfg file to policy.xml. z Find the HideClientUI tag that reflects the Hide client UI settings in the Altiris Console and modify this setting (set to enabled attribute to True) z Check that XML file format is correct and readable by opening it using the Microsoft Internet Explorer. z If XML file is correct, then delete policy.cfg file and run the following command line to encrypt policy.xml file to policy.cfg: Recovery Solution Reference Guide 281 AeXRSEnc.exe -e z To force the Recovery Agent rereading policy.cfg file and to apply the modified setting, run the following command in the Recovery Agent folder: AeXCmd.exe /ApplySettings Here is the example how to modify the scheduled snapshot starts time: z Decrypt the policy.cfg file using the AeXRSEnc.exe utility (like in previous example). z Locate the <StartTime> tag inside the <SnapshotSettings> sub-category in policy.xml file. z Modify the time inside the <StartTime> tag (please use the same time format). z Check the policy.xml file and encrypt and apply it like in the previous example. The following figure shows sample policy.xml file settings. Note that to hide all Recovery Agent user interface elements, the enabled attribute of the <HideClientUI> tag must be True, and the following <CommonSettings> must be False: z <ShowStatusIcon> z <ShowAgentDesktopIcon> z <ShowAgentDesktopIcon> z <ShowAgentOptionsInStartMenu> z <ShowWelcomeScreen> AeXMigrt.com Utility The purpose of the AexMigrt.com utility installed with Recovery Solution into the folder install path\Altiris\Recovery Solution\Console\Tools on Notification Server computer is to let administrators automate retrieval of files from the Recovery Server for a client or a set of clients. This section contains the following topics: z Overview (page 282) z Command-line parameters (page 285) (with usage examples) z Input XML files (page 287) (with usage examples) Overview The AeXMigrt.com utility runs on a computer where Recovery Agent installed and configured to connect to the Recovery Server to restore files from. Utility accesses the Recovery Server using the Recovery Agent, so the Recovery Agent must be fully functional (not disabled) on the computer. Note We recommend disabling scheduled snapshots and snapshots on events for the client, otherwise these snapshots can affect the utility workflow. The utility can run on Microsoft Windows 2000 and later platforms. It does not support Windows 98. The utility uses command-line parameters , the list of protected computers and the search mask supplied at run time to perform the following operations: Recovery Solution Reference Guide 282 z Authenticate on the Recovery Server to obtain the list of files for specified protected computers. z Create a list of files that must be restored. z Initiate restore operation using the Recovery Agent. Note The utility is command-line based and exposes no UI. Use cases Administrator wants to locate and restore a particular file (including all revisions) from selected computers backing up to the Recovery Solution Server. The utility automatically creates folders for each computer where the file exists during the restore. When multiple revisions of the file exist then the incremental ID is added to the name of the file revision (myfile001.txt, myfile002.txt etc.). The destination folder can be a local drive or a network share. Restore The utility lets the user restore files or folders by their name, name mask or location. Also, it is possible to restore files from a particular date range. There is no UI available for the search pattern configuration — all options must be provided using the commandline parameters or in an XML file. To search for files, the utility enumerates files that were backed up from a particular client to the Recovery Server and applies the specified mask to locate the required files. The search engine creates the list of files that fall under specific criteria specified by the user and will be restored. Note Specifying a more precise search mask will significantly decrease the search time. The utility performs an automated restore for files specified by the supplied mask and that were backed up from the specified computers to the Recovery Server. The utility accepts the file or folder name masks and the list of computers as input parameters, searches for these files on the Recovery Server and submits the restore job for the found items. The utility waits for the submitted job to complete complete and logs the resulting event into the activity log. The restore itself is performed by the Recovery Agent, using the list of found files. The utility creates the restore specification and submits the restore jobs to the Recovery Server. Depending on the number of files found, the utility submits either one or more restore jobs. In case of multiple jobs, utility submits them one by one, waiting for each job to complete. Destination folder for a restore operation must be provided using the command-line or the default one will be used. The default subfolder “aex_restored” is created in the location from where the utility has been launched. Restored file naming If you restore only latest revisions, the files will have exactly the same name they were backed up under on the Recovery Server. If you restore all revisions, the restored files that have multiple revisions will be renamed using following pattern: original_file_name(revision_numer).original_extension Recovery Solution Reference Guide 283 So if the file "mymail.pst" has 10 revisions and "restore all revisions" parameter was specified, the restored folder will contain files: Mymail(001).pst Mymail(002).pst ... Mymail(010).pst All file creation and modification dates will be restored correctly for corresponding versions, and it is up to the user to find the required one. Authentication The utility accesses the Recovery Server under a logged-on user account or an account specified in the command-line parameters or the specified XML file. If the utility fails to access the Recovery Server using the specified credentials, it will log the corresponding entry into the log file. The utility accepts accounts from the AexRSUsers or AeXRSManagers groups. For an account from the AexRSUsers group, only files from protected computers that belong to the particular user can be restored. For accounts from the AeXRSManagers group, the files from all protected computers can be restored. Destination folder structure The restored files will be placed in the destination folder as follows: <destination folder>\<computer name>\<disk name>\<path to file>. So, if the destination folder is C:\Tmp and original file is D:\Program Files\PST\mypst.pst on machine XRG200 then the resulting restored file path will be: C:\Tmp\XRG200\D\Program Files\PST\mypst.pst Activity and error logging During execution, the utility creates the activity log file that contains the description and details of performed operations. The default log file name is "ade.log" and it will be created in the same folder where utility resides by default. The log file path can be changed by providing the special command-line parameter. The log file will contain following information: z Utility executions start time z Name of the currently logged user z Name of the Recovery user selected to authenticate on Recovery server z List of machines that are available for search z Destination folder z List of found files z Any information about errors that occur during execution Any internal utility errors that occur the execution will be logged to the activity log file. Any errors that occur during the restore job execution and the status of restore operation for found files will be logged into the Windows application log as usual. Recovery Solution Reference Guide 284 Command-line parameters The restore operation can be started by specifying the mandatory "/R" parameter. All other parameters are optional. The following table lists the parameters recognized the by utility. Parameter Description /R Perfrom restore /M:<computer_name> Specifies the particular client machine name or name mask to search files for. If not specified, utility will search files on all machines that can be accessed by user specified in logon dialog. /File:”<file_name>” Specifies the file name or file name mask to search for. More than one mask can be specified. Optional, if no masks (file or folder) specified, all files will be restored. /Folder:”<folder_name>” Specifies the folder or folder mask to search for. More than one mask can be specified. Optional, if no masks (file or folder) specified, all files will be restored. /All Specifies that all revisions of found file must be restored. Optional, if not specified latest revisions of file(s) will be restored. Valid only for restore operation. /FromDate:"MM/DD/YY” Specifies an optional time based filter. Only file revisions that are newer than specified date will be restored. The utility will accept only one mask of this type but it can be used with "/ToDate". Valid only for restore operation. /ToDate:"MM/DD/YY” Specifies an optional time based filter. Only file revisions that are older than specified date will be restored. The utility will accept only one mask of this type but it can be used with "/FromDate". Valid only for restore operation. /XML:<full_path_to_xml> Specifies a full path to XML file with parameters for restore/deletion operation. If specified, the utility will obtain search masks and other parameters from XML file. NB! Parameters provided from command line will override parameters from XML file, except search masks and client machines that will be used as additional to one specified in XML. See Input XML files (page 287). Recovery Solution Reference Guide 285 Parameter Description /Dest:<destination_folder> Valid for restore operation, specifies a folder to restore found files into. Optional, if not specified, utility will restore found files into its current location subfolder aex_restored. The destination can be local, UNC path, or a mapped network location. /S Stops execution of previously started restore operation. /Login Login name (DOMAIN\User) to authenticate on Recovery Server. Optional, if not specified, utility will try to authorize under currently logged user. /Pass Password to authenticate on Recovery Server. Optional, if not specified (but / Login was specified), empty password will be used. Ignored if "/Login" was not specified. /L:<log_file_path> Full path to log file that will be generated by utility. Optional, if not specified, utility will generate log file in folder where it resides. /? Displays a dialog with utility usage scenarios. Usage examples The following table gives some examples on how the restore operation can be configured from the command line. Sample task Command Search all clients and restore all found PST files AexMigrt.com /R /File:"*.pst" Search all clients and restore all found Word and Excel documents AexMigrt.com /R /File:"*.doc" / File:"*.xls" Search client XRG200 for folder C:\Documents and restore its content. AexMigrt.com /R / Folder:"C:\Documents" / M"XRG200" Search all clients and restore all found PST files into c:\tmp folder using ALTIRIS\Britney account with password "oops". AexMigrt.com /R /File:"*.pst" / Login:"ALTIRIS\Britney" / Pass:oops /Dest:"C:\tmp" Search all clients and restore all revisions of found PST files that were included in snapshots performed between 10/11/ 2006 and 10/12/2006. AexMigrt.com /R /File:"*.pst" / All /FromDate:"10/11/2006" / ToDate:"10/12/2006" Cancel restore. AexMigrt.com /S Recovery Solution Reference Guide 286 Input XML files The most convenient way to perform a restore is using an XML file passed to the utility through the command line. While the XML file can contain all parameters required to perform the restore, these parameters can be overridden or extended by using the corresponding command-line parameters. Note File masks provided in an XML file should not contain reserved symbols for XML syntax. For example, you cannot use symbols “<“, “>”, “(“, “)” and other. If you need to use a file or folder mask with these symbols, use the command-line parameters instead of XML file. Sample XML file 1 The following sample XML file (adeu.xml provided with the utility) configures the utility to restore latest revisions of two files and all folders on disk C: that start with "Photo" on computers PC1, PC2, PC3. The Recovery Server will be accessed under "ALTIRIS\Britney" user account with password "oops". All activity logging will be performed into "C:\britney.log" file. <?xml version="1.0" encoding="utf-8"?> <Operations> <Operation type="restore" Dest="c:\Tmp" Login="ALTIRIS\Britney" Pass="oops" LogFile="C:\britney.log" FromDate="10/11/2006" ToDate="20/11/2006"> <Machines> <Machine Name="PC1"/> <Machine Name="PC2"/> <Machine Name="PC3"/> </Machines> <SearchItems> <Item type="File" Name="party.img"/> <Item type="File" Name="mail.pst"/> <Item type="Folder" Name="C:\photo*"/> </SearchItems> </Operation> </Operations> Sample XML file 2 The following sample XML file configures the utility to restore all revisions of two files "party.img" and "mail.pst" and all revisions of files in all folders on disk C: that starts with "Photo" that were modified between 10/11/2006 and 10/12/2006. This operation will be performed for all computers to which currently logged user has access. The Recovery Server will be accessed under currently logged-on user account. All activity logging will be performed into "C:\britney.log" file. Recovery Solution Reference Guide 287 <?xml version="1.0" encoding="utf-8"?> <Operations> <Operation type="restore" Dest="c:\Tmp" LogFile="C:\britney.log" Versions="all" FromDate="10/11/2006" ToDate="10/12/2006"> <Machines> </Machines> <SearchItems> <Item type="File" Name="party.img"/> <Item type="File" Name="mail.pst"/> <Item type="Folder" Name="C:\photo*"/> </SearchItems> </Operation> </Operations> Overriding XML values with command-line parameters It is possible to override parameters specified in XML file by providing corresponding parameters from command line: The following sentence executes the restore operation for the XML file specified above using "D:\restoredstuff" folder as destination. AexMigrt.com /XML:"adeu.xml" /Dest:"D:\restoredstuff" The following sentence executes the restore operation for XML file specified above using "D:\restoredstuff" folder as destination and adds one more computer to search for in PhotoVault: AexMigrt.com /XML:"adeu.xml" /Dest:"D:\restoredstuff" / M:PhotoVault BWINST Utility Bwinst is a utility that is useful for removing an Altiris Partition in case the Altiris Partition remains after the software has been uninstalled. It is also useful for clearing out the marked bad sectors if the Altiris Partition is gone, but the bad sector marks remain. The Bwinst utility can be obtained from the Altiris Console > Tasks tab > Incident Resolution > Recovery Solution > Altiris Partition Removing Utility. BWINST utility usage Boot to DOS and run bwinst -rs -u -rs : operate on the Recovery Altiris Partition -u : uninstall the partition Recovery Solution Reference Guide 288 -d<HDD number> : remove partitions from additional HDDs (-d1 (default) means removing Altiris Partition from HDD0, -d2 from HDD1 etc.) RECREATE Utility Recreate is a collection of files that can be used to restore a system from RSDATA, when the disk with the original RSMAIN partition fails. Recreate will format a new disk, destroying any data thereon, and install a new RSMAIN Altiris Partition on that disk. This disk can then be used to access the RSDATA partition, and the data it holds. Recreate utility is usually needed if a user cannot boot from the hard drive on which Altiris partition was created. Otherwise, the user can simply boot from the disk drive containing the Altiris Partition instead. The Recreate utility is available per request from the Altiris Technical Support. RECREATE utility usage Boot to DOS and change directory (cd) to the recreate directory. Run partmake.bat Note If there is more than a single disk on the system, Recreate will prompt the user for the correct disk. After Recreate runs, restart the machine from the new RSMAIN disk. It will then boot to the Recovery partition and restore the user's data. Stopping and Starting the Recovery Solution Server Service At times, you may need to stop the server service to perform basic maintenance. You can stop the server, temporarily preventing users from running snapshots or restoring data. Before you stop the server, let your users know that the server will be unavailable for snapshot and restore operations. If you disable the server while users are running snapshots, the users will receive error messages stating their computers are unable to connect to the server. To stop or restart the server service 1. From the Windows Start menu, open the Control Panel, then open the Services applet. 2. Highlight Altiris Recovery Solution Server service and click Stop or Start. 3. Highlight Altiris Recovery Server Host Manager (ping service) and click Stop or Start. Recovery Solution Reference Guide 289 Note Altiris Recovery Solution Server service depends on the Altiris Recovery Server Host Manager (ping service). Stopping the Altiris Recovery Server Host Manager (ping service) also stops the Altiris Recovery Solution Server service. If you stop the Altiris Recovery Solution Server service by itself, the Altiris Recovery Server Host Manager will automatically restart the server service on start-up. Recovery Solution Infrastructure Backup and Restore This topic describes the steps that need to be done in order to obtain a complete backup of Recovery Solution infrastructure. z Recovery Solution Infrastructure (page 290) z Backup (page 291) z Restore (page 294) Recovery Solution Infrastructure A Recovery Solution cluster may have one or several Recovery Solution Servers, which can be installed remotely. A cluster's Recovery Solution Database can be also located on a remote SQL server. One Notification Server can manage many Recovery Solution clusters. The Notification Server Database stores the following Recovery Solution data: list of Recovery Solution clusters, Recovery Solution agent and Recovery Solution cluster settings. Through Recovery Solution data file mirroring, there can be several copies of data files, these copies are synchronized between themselves either synchronously or asynchronously (by means of an Recovery Solution Server job). You can have an optional load balancer device that can be "attached" to the cluster. It is used to distribute client requests among the cluster's servers. As a result, the Recovery Solution infrastructure can be now heavily distributed: z The SQL Server computer with Notification Server Database. z A Windows Server computer with Notification Server and Recovery Solution. z Each Recovery Solution cluster can have its own SQL Server computer with Recovery Solution Database. z Any number of Recovery Solution Server computers. Every such computer has its own local Windows group for Recovery Solution users; it also has ODBC DSN string for communication with the Recovery Solution Database computer. See also: Recovery Solution Architecture (page 19). Recovery Solution Reference Guide 290 Backup Generally, to get a complete snapshot of an Recovery Solution 6.2 SP2 installation, you must back up the following pieces of information: z On computer with SQL Server that hosts the Notification Server Database: The Notification Server Database. Either the complete database must be backed up, or only Recovery Solution-related data (see Notification Server Database Backup on page 291). "Linked Server" entries to SQL Server computers with Recovery Solution databases. SQL Server Enterprise Manager allows doing this easily via rightclick on "Linked Servers" node in the Enterprise Manager console, and selecting "Export List..." menu item. Note This step is only needed if the Notification Server database is located on a different SQL server rather than Recovery Solution database. z On computers with SQL Servers that host Recovery Solution databases (for all Recovery Solution clusters): The Recovery Solution Database (see Recovery Solution Database Backup on page 292). AeXRSDatabaseUser login account This account can be seen under Security\Logins node in the Enterprise Manager console. Right click provides "Export List..." menu item. z For every Recovery Solution cluster, Recovery Solution data files must be backed up as well (see Data Files Backup on page 293). z For clusters that use load balancers, load balancer configuration must be backed up. Since this information is balancer-dependent, there is no step-by-step instruction for backup procedure. Please refer to the specific load balancer's documentation. Notification Server Database Backup If Notification Server is only used to host the Recovery Solution installation, you can back up the complete Notification Server Database. The Notification Server Database can be backed up using approaches described in Recovery Solution Database Backup on page 292 except that you will specify the Notification Server Database. Note that if the SQL Backup Agent is not used, then the SQL Server service that hosts the Notification Server Database must be stopped, which will make the Notification Server non-operable for the duration of Notification Server Database backup. But if there are several solutions installed, it's not feasible to back up the complete Notification Server Database, as in case of disaster the whole database will have to be restored, possibly overriding other solution's settings. For this scenario, a set of SQL scripts was developed. These scripts are available for download from http:// www.solutionsam.com/imports/6_2/recovery. z Backup_All_RS_Clusters.sql - creates a backup database named RS_Backup_DB, then backs up all RS clusters-related data into that database. z Restore_All_RS_Clusters.sql - restores information about all RS clusters from the RS_Backup_DB. Recovery Solution Reference Guide 291 z Backup_Single_RS_Cluster.sql - backs up information about a single cluster. z Restore_Single_RS_Cluster.sql - restores information about a single cluster. z Create_RS_Backup_DB.sql - creates an empty RS_Backup_DB. Should be called before Backup_Single_RS_Cluster.sql in cases when there is no backup database. Caution These scripts do not backup RS Agent Settings and RS Agent Rollout policies. So changes to these settings will be lost after restore. Notes Every script has a comment in the beginning, describing its usage. Before running Backup_Single_RS_Cluster.sql and Restore_Single_RS_Cluster.sql scripts, you must specify proper cluster GUID. To get the Recovery Solution cluster GUID, open Properties for the Recovery Solution cluster you want to back up in the Altiris Console. Recovery Solution Database Backup For every Recovery Solution cluster, its Recovery Solution Database must be backed up. It is strongly recommended that you back up the database to removable storage on a regular basis. For that, you can use use the SQL Server database backup functionality built-in the Microsoft SQL Server software. Important Whichever method you use, back up the database files first and then the protected data (BLOB) files. Also, because Recovery Solution uses the domain user accounts database, the domain controller computer must be also backed up. The following instructions help you backup the Recovery Solution database. For additional information on backup and restore of Microsoft SQL Server databases, see Microsoft SQL Server documentation. To backup the database 1. Stop the Recovery Solution Server service (see Stopping and Starting the Recovery Solution Server Service on page 289). 2. If the server is running Microsoft SQL Server: a. Open SQL Enterprise Manager. Note For Microsoft SQL 2005, Microsoft SQL Server Management Studio shoud be used. b. In the Console Tree (usually on the left side), expand SQL Server Group, the name of the server, and then Databases. c. Select the database for Recovery Solution. By default, it is named AeXRSDatabase. d. Recovery Solution Reference Guide In the Details Pane, under Backup, click backup database. 292 e. Under Backup, click Database - complete. f. Under Destination, click Add. g. In the Click Backup Destination dialog box, click File name. h. Specify the full path and file name. You can use the ... button to locate a path. The path is where the database backup will go. The file name is the file that you will have your backup software back up. 3. i. Click OK. j. Click Overwrite existing media. k. Click OK to start the backup. l. Have your backup software back up the file you created. If the server is running MSDE: a. Open an MS-DOS style command prompt. b. Change to the BINN subfolder of the folder containing the MSDE program files. You can use a command such as the following. CD /D "D:\MSSQL7\BINN" c. Enter the following command. OSQL.EXE -U sa -P -n -Q "BACKUP DATABASE AeXCRDatabase TO DISK = 'e:\AeXCRDatabase.dat'" AeXRSDatabase is the default name of the database. If your installation of Recovery Solution uses a different database name, make the appropriate changes in the above command. The path and file name specified at the end can be modified to any appropriate location. This command could be scheduled through Windows Task Scheduler or the AT command-line program. Database backups can also be scheduled using a SQL script. For details, see the Microsoft knowledge base article Q241397, which is available on the Microsoft Web site (http://www.microsoft.com). 4. Use your backup software to back up the protected data (BLOB) files. See Data Files Backup (page 293). Data Files Backup For every Recovery Solution cluster, its data files must be backed up. After the synchronization job is complete, only one copy of the data files (from any group) should be backed up. All servers in the clusters must be stopped or disabled during this process, to ensure data integrity. Backing Up With Software That Includes a SQL Backup Agent Follow these steps if your backup software includes a SQL backup agent. You might also need to refer to the instructions for your backup software. 1. Back up the database files for Recovery Solution. By default, these are the following. Recovery Solution Reference Guide 293 2. The main data file is AeXRSDatabase_Data.MDF, in a folder named AeXRSDatabase. You might have additional data files. Typically the next name would be AeXRSDatabase_Data.NDF. The log file is AeXRSDatabase_Log.LDF, in a folder named AeXRSLog. Back up the protected data (BLOB) files. Load Balancer Configuration Backup and Restore Note This step is only needed if your Recovery Solution Cluster is uses load balancer. Since in Recovery Solution 6.2 SP2 the load balancer device configuration (such as adding the nodes) must be performed manually, backup and restore must also be performed manually. What exactly should be backed up and restored is balancerdependent, generally information about nodes and about protocols/ports should be preserved and restored. Note that any changes to the restored configuration, such as balancer address, must be reflected in the Recovery Solution cluster settings UI in the Altiris Console. Restore If only the Recovery Solution Database or the data files got corrupted, there is no need to restore the Notification Server Database. In such cases skip the "Notification Server Database Restore" section. Similarly, if only the Notification Server Database got corrupted, there is no need to restore the Recovery Solution databases or data files of Recovery Solution clusters. Note, however, that if the Notification Server Database is restored from an old backup, then the restored database will not contain information about recently created Recovery Solution clusters and their settings. The Recovery Solution can be restored using either of the two approaches: If whole Notification Server database is restored In this case Notification Server and Recovery Solution databases should be simply restored using SQL server tools (see Notification Server Database Restore on page 295), data files should be restored to original location and Recovery Solution Server should be installed if original installation was corrupted. If Recovery Solution Database was created on different SQL server than Notification Server database, then saved ODBC DSN string should be restored as well. If only Recovery Solution specific information is restored using SQL scripts 1. Recovery Solution should be installed again if its installation was corrupted. 2. Should be executed either Restore_All_RS_Clusters.sql or Restore_Single_RS_Cluster.sql scripts (see Notification Server Database Backup on page 291) depending on whether you want to restore all Recovery Solution Clusters or just one. Note that in case of using Restore_Single_RS_Cluster.sql script admin should specify correct RS Cluster GUID in the script. Recovery Solution Reference Guide 294 3. Recovery Solution SQL database should be restored using SQL Server tools. For information, see Recovery Solution Database Restore (page 295). 4. Recovery Solution data files should be restored from backup to original location. See Data Files Restore (page 295). 5. Recovery Solution Server should be installed to the same machine where it was originally installed. 6. If Recovery Solution Database created on different SQL server than Notification Server database, then saved ODBC DSN string should be restored as well. 7. You should also restore the AexRSDatabaseUser account backed up at step AeXRSDatabaseUser login account (page 291) if it is missing. Notification Server Database Restore If the whole Notification Server Database was backed up, it can be restored using approach described in Recovery Solution Database Restore on page 295. Simply substitute the Notification Server Database name instead of Recovery Solution Database name. If either of backup SQL scripts was used, then the appropriate restore script should be used to restore either all or a specific Recovery Solution cluster. Data Files Restore If data files mirroring is utilized in Recovery Solution 6.2 SP2 installation, then it's only needed to restore the files to the main storage group. Other groups will be synchronized, either (for synchronous groups) automatically on the background or (for asynchronous groups) during the next synchronization job. We recommend that you back up the data files along with the Recovery Solution Database, and also restore these two pieces of information together. Recovery Solution Database Restore This section describes how to restore the database from a backup. For instructions on creating a backup, see Recovery Solution Database Backup on page 292. The following instructions help you restore the Recovery Solution database. For additional information on backup and restore of Microsoft SQL Server databases, see Microsoft SQL Server documentation. To restore the database 1. Install the Recovery Solution Server. 2. Stop the Recovery Solution Server service (see Stopping and Starting the Recovery Solution Server Service on page 289). 3. If the server is running Microsoft SQL Server: a. Open SQL Enterprise Manager. b. In the Console Tree (usually on the left side), expand SQL Server Group, the name of the server, and then Databases. c. Select the database for Recovery Solution. By default, it is named AeXRSDatabase. Recovery Solution Reference Guide 295 4. d. In the Details Pane, under Backup, click Restore database. e. For Restore, click From device, then click Select Devices. f. For Restore from, click Disk, then click Add. g. Specify the file name of the backed up database, then click OK. h. Click OK again to return to the Restore database screen. i. Click the Options tab. j. Click Force restore over existing database. k. Click OK. If the server is running MSDE: a. Open an MS-DOS style command prompt. b. Change to the BINN subfolder of the folder containing the MSDE program files. You can use a command such as the following. CD /D "D:\MSSQL7\BINN" c. Enter the following commands. OSQL.EXE -U sa -P -n -Q "DROP DATABASE AeXRSDatabase" OSQL.EXE -U sa -P -n -Q "RESTORE DATABASE AeXRSDatabase FROM DISK = 'e:\AeXRSDatabase.dat'" AeXRSDatabase is the default name of the database. If your installation of Recovery Solution uses a different database name, make the appropriate changes in the above commands. The path and file name specified at the end should point to the existing database backup file. 5. Once the database restoration is complete, restore the BLOB files back to their original location. 6. Use Windows Control Panel to restart the Altiris Recovery Solution Server service. Recovery Solution Reference Guide 296 Appendix A Hard Disk Support Altiris Partition creation in local mode is supported only for a specific set of SCSI/SATA and RAID adapters. All IDE controllers are supported for Local Recovery. Server-based Full System Recovery of RAIDs is supported only for a specific set of RAID adapters. See below for more information. Notes The full list of supported adapters can also be found in the following file: C:\Program Files\Altiris\Recovery Solution Agent\SCSIConfig.ini. The latest information may be also provided in the Altiris Recovery Solution Release Notes. For information on enabling 48-bit Logical Block Addressing (LBA) support for ATAPI disk drives in Windows 2000 and Windows XP, see Microsoft Knowledge Base articles Q305098 and Q303013 available on the Microsoft Web site (http://www.microsoft.com). Recovery Solution Reference Guide 297 SCSI/SATA controllers supported for Local Recovery ACARD ATP850UF ATP860R Adaptec ATP865 ATP860A ATP865 AHA-2930C AIC-7855 AIC-7896 AHA-2940/2940W AIC-7860 AIC-7896/7 AHA-2940U/2940UW AIC-7861 AIC-7899 AHA-2944 AIC-7870 AIC-7899A AHA-2944UW AIC-7880 AIC-7899D AHA-3940/3940W AIC-7880p AIC-7901 AHA-3940Uxx AIC-7883U AIC-7901 AHA-3944/3944W AIC-7888 AIC-7902 AHA-3944U/ 3944UWD AIC-788x AIC-7902B AIC-7890 ASC-29320 AIC-7890/1 ASC-29320A AIC-7890AB ASC-29320ALP AIC-7892 ASC-29320LP AIC-7892A ASC-39320 AIC-7892B ASC-39320 AIC-7892D ASC-39320A AIC-7895 ASC-39320D AHA-3985 AHA-4944UW AHA-4944W/4944UW AIC-7515 AIC-7560 AIC-7810C AIC-7821 AIC-7850P American Megatrends MegaRAID 428 MegaRAID 434 Compaq CISS CISSB HPFC-5166A Dell PowerEdge 2 /Si PowerEdge 3/Di PowerEdge 3/Si DEC 21554 HP HPFC-5200B Intel 31244 82371SB 82801CAM 6300ESB 82372FB/82468GX 82801DB/DBL 6300ESB 82443MX 82801DBM 6300ESB 82451NX 82801E 80960RP 82801AA 82801EB 82371AB/EB/MB 82801AB 82801EB/ER 82371FB 82801BA 82801ER 82371FB 82801BAM 82371MX 82801CA Recovery Solution Reference Guide 298 LSI Logic LSI53C1020/1030 LSI53C1035 LSIFC919 LSI53C1030ZC LSI53C1510 LSIFC929 LSI53C1035 LSIFC909 PDC 20277 PDC20268 PDC20319 PDC 20622 PDC20268R PDC20371 PDC20246 PDC20269 PDC20375 PDC20262 PDC20271 PDC20376 PDC20263 PDC20275 PDC20378 PDC20265R PDC20276 PDC20267 PDC20318 QLogic ISP 2300 QLA2100 QLA2200 Silicon Image Sil 0680 Sil 3114 Sil 3512 Promise Technology Sil 3112 Silicon Integrated Systems SiS180 Vitesse VSC7174 Caution RAID arrays must be configured on the supported RAID adapters prior to running any tasks. RAID controllers supported for Local Recovery HP SmartArray 641 SmartArray 5i Dell IBM NetRAID-2M CERC SATA 6ch PERC 4e/Si PERC 4/Di RAID PERC 4/DC RAID PERC 3/Di PERC 3/DC ServeRAID 3L RAID RAID controllers supported for server-based Full System Recovery HP SmartArray 641 SmartArray 5i Dell CERC SATA 6ch PERC 4e/Si PERC 4/Di RAID PERC 4/DC NVIDIA SATA 4 Silicon Image 3112A Recovery Solution Reference Guide 299 Index A of event log contents 204 access problems with 212 accounts for users 257 administration options 169 administrator 163 administrator settings 163 Administrator’s Guide 16 AeXRSEnc utility 279 Altiris Helpdesk 16 Altiris Monitor Solution 16 Altiris PC Transplant Solution integration with 152 overview 131 problems with 216 requirements for 132, 133 running 143 setup for 133 dial-up networking 175 disks for recovery 134 Distributed Component Object Model see DCOM 17 Distributed Component Object Model (DCOM) 255, 266 documentation 16 domain account 57 Domain Name System 176 DOS drivers and recovery 253 drive configuration changes 94, 95 full system recovery 17, 189 full system snapshot 158 command line 152 G groups for users 257 H Altiris Recovery Partition 17, 63, 64, 171 check for errors 171 manage 170 E hard disks formatting during Full System Recovery 144 encrypted files files and encryption 253 hard drives replacement of 213 B encryption 171 help 16 errors during Setup 206 hiding progress indicator 94, 94, 94, 95, 95, 95, 95 bandwidth 90 bandwidth throttling 90, 165 baseline snapshot 17 C CD-ROMs for recovery 134, 136 clearing the event log 204 clusters 14 command line and snapshots 147 configuration of DCOM 255, 266 of Full System Recovery 133 of IIS 261 of ODBC 265 connection troubleshooting 211 Event Details 198 event log clearing 204 configuration of 261 configuring 204 saving to file 204 event log file 194 event messages viewing 202 Event Viewer 197 searching 197 using 193 exclamation mark icon on protected computer 66 excluding files 183 excluding files from snapshots 81 F D files data defining for rollback 80, 91 migrating 129, 146 migrating using PC Transplant Pro 131 recovering 131 excluding from snapshots 81 protected 159 restoring 160 I installation 26 and new hard drives 213 errors 41 of Web-based file recovery 272 prerequisites 26 problems with 208 Recovery Agent 51 Recovery Agent Setup Wizard 54 Internet Information Server (IIS) 261 IP address of protected computers 277 L last snapshot 164 license 44 limits of recovery 132 of Recovery Solution 253 load balancing 14 local mode 14 files types restoring 180 Local Recovery 15 database errors installing 206 filters for rollback data 80, 91 log file 194 DCOM 17, 171, 255, 266 formatting hard disks during Full System Recovery 144 logs 170 DCOMCNFG.EXE 267 deletion Recovery Solution Reference Guide Local Recovery Pro 15 logon problems 212 Full System Recovery creating disks for 134 300 M manual snapshots 147 Microsoft Internet Information Server (IIS) 261 Microsoft Office 158 Microsoft Outlook 176 Microsoft SQL Server and ODBC 265 Microsoft Windows and recovery 137, 278 preferences Recovery Agent 173 prerequisites 26 problems with Agent installation 208 with Full System Recovery 216 with rollback 224 with Setup 206 with snapshots 213 product overview 13 Migrate utility 130 progress indicator hiding 94, 94, 94, 95, 95, 95, 95 migration using PC Transplant Pro 131 properties of file exclusion 82, 87 mirrored Blob files 14 protected computer 18 mixed mode 14 protected files 159 N protocols for DCOM communications 255 network and bandwidth 90 network configuration restoring 212 network protocols for DCOM communications 255 network settings 161 O Open Database Connectivity (ODBC) 265 operating systems temporary copies of 137, 278 options administration 169 for file exclusion 82, 87 for Full System Recovery 133 for recovery 134 performance 166 Recovery Agent 157, 157, 162 remote access 175 restore 165 options dialog box tabs 162 using 162 overview of Recovery Solution 13 overwriting logged events 204 P partial snapshot 18 running 159 Patch Management Solution 15 PC Transplant Solution 16 performance of recovery 255 of snapshots 254, 254 performance of 255 performance options 166 Recovery Solution Reference Guide R Real-Time System Manager 16 recovery 255 about 137, 277 and disk space 278 and DOS drivers 136, 253 creating disks for 134 over the Web 192, 272 problems with 216 requirements for 278 to a new computer 129, 146 Recovery Agent 18 existing account 57 Full System Recovery 174 installation 51 Installation Policies 48, 68 installation using Setup Wizard 54 installing 60 options 157 preferences 173 register 56 settings encryption utility 279 Recovery Agent options changing 162 viewing 157 Recovery Solution logs 170 Versions 160 Recovery Solution Server 58 Recycle Bin 253 Redundant Block Elimination (RBE) 278 Release Notes 16 remote access options 175 remote procedure call (RPC) RPC 255 removal of logged events 204 of Recovery Solution 44 requirements 26 restore command line 152 restore options 165 restore session 18 restoring file types 180 files 160 restoring files (see recovery) 277 restoring network settings 212 rollback 165 files 187 of network settings 212 problems with 224 rollbacks 18, 187 RSACmd.exe utility 152 S scheduled snapshots conditions 199 on idle 199 view schedule for 158 schedules for server jobs 274 for snapshots 212 worksheets for 274 SCSI drives and Full System Recovery 136 server limiting connections to 90 server-based mode 14 settings updates in database 277 setup for Full System Recovery 133 of Web-based file recovery 272 silent snapshots 94, 94, 94, 95, 95, 95, 95 snapshot command line 147 schedule 158 snapshot conditions 168 snapshot session 18 snapshot types 167 snapshots and recovery 131 displayed 159 excluding files from 81 from applications 147 performance of 254 problems with 213 scheduled 199 scheduling 199 silent 94, 94, 94, 95, 95, 95, 95 speed of 254 Software Delivery 15 Solution Center 35 301 SQL Server and ODBC 265 storage locations 180 T temporary operating systems 137, 278 throttling bandwidth 90, 165 troubleshooting 227 Agent installation 208 Full System Recovery 216 logon problems 211, 212 rollback 224 Setup 206 U uninstalling Recovery Solution 44 user accounts and groups 257 V version information 205 Virtual Private Network see VPN 19 VPN 19, 175 W Wake on LAN 81 Web-based file recovery 192, 272 Windows and recovery 137, 278 Windows Explorer perform snapshots through 158 wizards for web-based setup 53 worksheet job schedule 274 Recovery Solution Reference Guide 302