For small businesses on a budget, backing up network systems can be expensive, time-consuming, and difficult. I developed a solution that makes network backup more economical by using built-in tools on Windows NT 3.51 and 4.0 systems. My solution consists of a simple backup script (batch file) that contains commands for running the NT backup utility--NTBACKUP. You use the NT Command Scheduler or AT command to schedule when the script will run. These tools let you perform unattended scheduled backups of any network drive you can connect to, including shared drives on Windows 95 and Windows 3.11 machines and NT systems.
To use this backup method, you need Administrator privileges. Also, you must install a tape backup device on the NT machine on which you'll run the backup script.
Before writing the script, make sure you can connect to (i.e., mount) shared drives on the machines you want to back up. In a workgroup environment that has a separate user database for every system, you must have an account with sufficient privileges on each machine. I recommend creating an account for the sole purpose of backing up the system. Give this user a name such as Backer, and assign it the User and Backup Operator groups only. If you use domains, create a user on the Primary Domain Controller (PDC) with the group settings mentioned above; use this account to connect to all shared drives.
An easy way wto test whether a user has sufficient privileges is to try to connect to the shared drive under File Manager, while substituting the new user in the Connect As box in the Connect Network Drive menu option. If you receive the Network path was not found error, the share is unreachable, and you need to verify that the share is present. If you receive the Access denied error, you probably don't have sufficient privileges; correct this at the share by including access to all users (if security is not a concern) or only to the user you created to conduct the backup operations.
Before you write the script, you also must decide where to save the log files. I recommend an easy-to-remember yet secure location on the server that is doing the backup. I place the log files in a directory called LogFiles, in a subdirectory of the NT system directory. If you choose to store the log files on a network drive, make sure your connection will be stable for the duration of the backup.
At this point, you might find it convenient to organize a list of the names of the machines you want to back up, the shared drive names on those systems, and passwords required to connect to those systems or drives. Before you start the backup, test whether you can connect to the shared drives and have authority to back up all appropriate files.
Creating a Backup Script
Listing 1 shows the commands for a sample backup script (BACKUP.BAT). The script follows a basic format. First, you connect to a shared drive on a remote NT machine and assign it a drive letter. Next, you use the NTBACKUP command to copy the drive's contents to tape. When NTBACKUP has finished copying the drive, you delete the mount (i.e., disconnect the share) and start again on another shared drive. In this way, you back up all shared drives sequentially. NT adds each shared drive's contents (i.e., backup set) in turn to the backup tape, and each backup set has a section in the backup log.
Exploring the Backup Script
You can write the script using any text editor. Use the sample as a template for your script, although you will need to change some arguments for your system's specific configuration. Words in angle brackets are sample text; you must change them to fit your network environment. For example, in the first line,
net send <user> Backup Started
you must change the word user to an actual user who will receive the message Backup Started when NT runs the script. The sample script includes net send messages at the beginning and the end to let the user know that the script started and ended successfully. The messages also include, by default, the times the system sent the messages. Because these times correspond to the start and end times of your script, you can easily calculate how long the entire script took to run.
The statement in callout A in Listing 1 tells the system to perform several tasks: Back up the local C drive, include a comment (/d), include the local Registry in the backup (/b), use hardware compression (/hc:on), perform a particular backup type (/t), write the results to a log file called backup.log (/l), and designate which tape drive you want to use (/tape). Note that the /t switch can be followed by normal, copy, incremental, differential, or daily, depending on the type of backup you want to do. You set another switch, /tape, to 0, if you're using the first tape drive installed. A value of 1 means the second tape drive, 2 the third, and so forth.
Notice also that I include a full path to the log file, starting with the environmental variable %windir%. This variable lets you use the script on other machines with little modification.
The lines in callout B in Listing 1 tell the system to back up a network shared drive on an NT system. First, you connect to the share and assign it a local drive letter (in this case, X). This line uses the authority of user Backer in domain domainname to connect a share on a workstation. You must include this user's password in the script. Because the program saves this script as ASCII text and anyone with sufficient privileges can read the script, a security risk exists. This risk is one reason to create a user with limited authority only for backing up shares.
Next, the script issues an NTBACKUP command to back up the X drive. This line differs from the previous backup command (A) in two ways. First, NT appends this backup set to the previous one (/a), so the previous backup sets aren't erased. Second, this line has no /b switch telling the program to include the Registry with the backup. The current version of NTBACKUP lets you back up the Registry of the local machine only. To safely back up the Registry, including the user database (/s), you must make a repair disk at the console for each machine. Of course, you can use the same Emergency Repair Disk (ERD) for identically configured systems. You will need this disk later if you have to restore a network drive that contained a functional NT system. (For information about ERDs, see Michael D. Reilly, "The Emergency Repair Disk," January 1997).
Because the number of shares you back up might change or exceed the number of available drive letters on your system, always disconnect the share after you've backed it up. Doing so cleanly terminates your session with this network share and lets you reuse the drive letter. The command
net use x: /delete
disconnects the share and frees the X drive letter.
This script also includes commands (C) for backing up a Windows 3.11 machine. Use the same syntax for Win95 machines. This system need not be in your workgroup or domain, but you must be able to resolve its Universal Naming Convention (UNC) name (e.g., \\computername). Assuming a password protects the shared drive, you connect to the share by executing the command in line 11. This statement doesn't include usernames because only passwords, not user authorization, protect Win95 and Win 3.11 shares. However, the command to back up the share is the same as that for the NT workstation. The next line disconnects the share. You can, of course, back up any number of different shares, which may include other types of systems, provided you can connect to their shares.
Schedule the Script
After you create a backup script for automated network backup, test the script commands by entering them one line at a time at the command prompt. If the commands execute as planned, run the entire script from the command prompt by entering the script name. If the script works as intended, you're ready to schedule it to run automatically using either the Command Scheduler (WINAT.EXE) included with the Microsoft NT Resource Kit or the AT command (AT.EXE). The Command Scheduler is a graphical interface for the AT command. Although the AT command isn't as elegant, if you don't have the resource kit, you can use it to fulfill all your scheduling needs. In either case, by default, only Administrators can submit commands with these utilities.
To use either the Command Scheduler or the AT command, start the Scheduler service from Control Panel, Services. You need Administrator privileges to start this service. Note, however, that AT jobs don't run under the security context of the user requesting the job. Rather, they use the security context of the Schedule service, which is typically in the context of the operating system. Make sure you set the startup mode to Automatic so your scheduled jobs will survive a reboot.
Let's look at how to schedule a command to run via the Command Scheduler and via the AT command. The NT resource kit (highly recommended for any NT-phile) includes the Command Scheduler in the Configuration menu. Once you start this program, the program asks you whether you want to start the Scheduler service, if it isn't already started. Answer yes, and then select Edit, Add to schedule your new script. You'll see a window similar to Screen 1. Enter your script filename (use the full path if the script isn't in a directory listed in the path variable) and the parameters describing when you want it to run. Check the Interactive box only if you want to require a user to enter information during the script execution. After you click OK, you see the Command Scheduler window, shown in Screen 2, which lists AT jobs, including your script file with the appropriate times. If an error appears in the Error column after the time scheduled for your AT job to execute, make sure you've placed the script file in a directory listed in the path, or provide the full path to the script file. When you're sure the scheduling information is correct, simply close the Command Scheduler, and your script file is ready to go.
If you don't have the Resource Kit, you can use the AT command to schedule the backup script. First, enter
at the command prompt to learn more about the AT command's switches and arguments. Then, at the command line enter a line similar to
AT \\<MachineName> 1:00 /EVERY:Saturday "backup.bat"
This command schedules the script file for the same settings you used for the Command Scheduler.
Although the backup script automates network backup, it performs no restore functions. To restore data from tape, you use the NTBACKUP program's restore function. To perform a restore, select the Tapes option from the Windows menu and double-click the tape icon to display the backup set list on the tape. From the set list, you can select entire drives, directories, or individual files for restoration, by clicking the boxes preceding their names. Click Restore. On the window you see in Screen 3, designate where you want to place the restored files, if not in the original location. If you intend to restore the files to their initial location, make sure you have re-established the original network connections.
Restoring drives containing NT system files requires more work. If the drive you want to restore was local to the system that created the backup and you used the /b option to back up that system's Registry to the tape, you're in luck. Place the backup tape drive on an NT system that has access to the drive you want to restore. If this system is another machine, you physically move the hard drive from this machine back to the original machine after you have restored NT. You can also use another installation of NT on your system if the second version of NT is on a different hard drive. Find the disk in the tape's backup set list, select the entire drive, and click Restore. Next, check the Restore Local Registry box, and click OK. After the program has restored files to disk, you have to return the drive to the exact hardware configuration it was in when it last successfully ran NT. You might have to remove the tape device from your other system and add it back to your original machine. The system startup files expect the same environment that existed when you made the backup.
If the drive you want to restore contains an NT system and was a remote drive, you need an ERD to successfully return the system to its previous state (you should have already made a repair disk before backing up the system). To restore this drive, select the entire disk from the backup set list and restore it to a replacement drive. Install the replacement drive in the NT machine and begin the NT installation. Choose to repair an installation when prompted, and insert the ERD. Select Inspect Registry Files, and continue. The program presents you with a list of Registry keys that the system can restore; select all of them. When the program has successfully restored the Registry, reboot your system.
Although writing a script and using the AT command or Command Scheduler is a flexible solution, the solution lacks some features that you might find in a commercial NT network backup product. The most obvious shortcoming is the inability to back up Registries on remote drives. However, as I've already mentioned, you can address this limitation by creating an ERD for each machine you back up.
Another pitfall is that all shares you back up must fit on one tape; otherwise you must manually change tapes, which defeats the purpose of an unattended backup. In this situation or others that require user input, you must run the script in Interactive mode or the NT
BACKUP process will hang, and you'll have to reboot and restart the script.
But don't worry. If the script tries to connect to a share on a machine that's turned off or otherwise debilitated, the script will skip this command and move to the next one and back up other shares.
You can find more information In the NT backup program's Help file. Look under the Backup disk files to tape book and then under Using batch files to do backups. Or enter
at the command prompt to list the command-line switches for the NTBACKUP command. To obtain more information about connecting and disconnecting network shares, enter
at the command prompt.
The NT Resource Kit includes commands that let a script pause in its execution or pause for user input (see SLEEP /? and TIMEOUT /?, respectively). In addition to command-line Help, you can find more information about the commands in this article in the resource kit documentation. For more information on backing up your system, see Bob Chronister, "System and Enterprise-wide Backup Software," April 1996.