Q: What’s the easiest way to back up critical Windows files, such as the registry files, Active Directory (AD) database, and SYSVOL data, that are commonly referred to as system state data? I'm looking for an easy way to do a system state backup that I can quickly run each time I install new security patches, for example.

A: First, I want to point out that you should perform a system state backup whenever a software or hardware change occurs on a Windows system. You should also include the system state backup procedure in the change management documentation for your domain controllers (DCs) and critical Windows servers. The easiest way to perform a system state backup is to use the built-in Windows NTBackup utility, which you can open by typing ntbackup at the command line.
 When you run NTBackup, Windows will either start the Backup or Restore Wizard or the Backup Utility, depending on how NTBackup is configured. To perform a system state backup from the Backup or Restore Wizard, select Back up files and settings, Let me choose what to back up, and then select the System State check box in the My Computer container, as Figure 1 shows. The same thing can be done from the Backup tab in the Backup Utility, as Figure 2 shows. In addition, you can start the Backup Wizard, which only slightly differs from the Backup or Restore Wizard, from the Welcome tab in the Backup Utility. To perform a system state backup from the Backup Wizard, you must select the Only back up the System State data option.

 

The NTBackup utility isn't included in Windows Server 2008 or Windows Vista; however, you can perform a system state backup from the command line using the wbadmin.exe utility. For example, to perform a system state backup to the F drive, you would run the following command:
 

Wbadmin start systemstatebackup –backupTarget:f: