Do Shadow Copies Fully Back Up the Registry and AD Database?

Posted on 2008-10-28
Last Modified: 2008-11-10
Does a shadow copy of a Windows 2003 Domain Controller's %SystemDrive% capture the Registry, AD database, and all other volatile system data structures completely and consistently such that if the shadow copy is copied to another volume it can boot and run a clone of the the original server?

That is, can I use vshadow.exe alone for backing up a Domain Controller, or do I need to use NTBackup (or some other commercial backup product like BE) to capture the "System State" info in a complete, consistent form?

I am specifically asking about a "pure" Windows Server 2003 Domain Controller, without any complications involving SQL Server, Exchange, or other applications.

Thanks for your help!
Question by:jeff1946
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
LVL 42

Expert Comment

ID: 22828035
You can only use shadow copies to restore to the same volume.  If you want to be able to backup from one location and then restore somewhere else, you need a backup program such as NTbackup, Backup Exec, etc.

Shadow copies require the original volume to be intact in order to perform the restore.  The shadow copy only records the differences in the data structure, not the entire data set itself.  If you lose the original volume, the shadow copies are useless, even if you store them on another volume.
LVL 15

Accepted Solution

fishadr earned 250 total points
ID: 22829452
It all depends how you have configured it.

The following link has full details of how you can configure Volume Shadow Copy Service and Virtual Disk
Service to recover failed Microsoft Active Directory servers:

Author Comment

ID: 22830543
Thank you both for your quick responses.

I didn't specify the question precisely enough, and kevinhsieh got the wrong idea. To clarify: if S: is the shadow copy of my system disk, then I want to back up the snapshot it represents to another volume T: (which is not a shadow copy) using something like robocopy as follows: robocopy /mir /copyall S: T:

Now if my system disk (C:) fails, can I restore it from T: (robocopy /mir /copyall T: C:) and boot back to the point in time when the shadow copy was created? I'm really just asking whether the Registry, AD, etc. system state is captured by the shadow copy. Under normal runtime conditions the system state on disk is not necessarily consistent with the system state in memory, so the key question is whether the shadow copy operation invokes writers to force an update the on-disk system state. The document cited by fishadr seems to say yes, on. p. 5 under "Shadow Copy Creation".

But at the risk of belaboring the point, the scenarios in the document specifically refer to high end SAN hardware configurations with 3rd party VSS providers and Win2K3 Enterprise and Datacenter Editions. Can anyone confirm that the same shadow copy backup/restore approach will work with my Win2K3 Standard Edition and directly attached storage?
Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

LVL 15

Expert Comment

ID: 22830626
No standard shadow copy will not allow you to restore your AD environment.

If you want to back up AD then you need to run a system state backup. You can do this to file and then shadow copy this to another server and then restore the system state from there:

LVL 15

Expert Comment

ID: 22830708
The document provides a quick way to recover your DC (including AD) from a shadow copy - This is because the whole disks and volumes are on the SAN. You therefore virutall disconnect the faulty volumes and re-attach the SAN Shadow copies.

If you are not running this type of environment then you will not be able to recover the AD (system state) unless your restore via Directory Restore Mode.

The W2k3 Standard version is designed for network shares (users shared data).

Author Comment

ID: 22831786
Thanks for your additional comments, fishadr.

But please understand that I'm not suggesting to use the shadow copy to recover only the system state, I'm talking about recovering the whole system. The robocopy restore (robocopy /mir /copyall T: C:) would wipe out anything on C: and replace it with the entire contents of T: Think of this as  a disk cloning procedure. And just to simplify further, assume that C: is the only volume on the DC.
LVL 15

Expert Comment

ID: 22832726
You would probably be able to get it working in one way or another but as to how reliable this would be I am not sure.

Whenever I have implemented backing up a DC I have backed up the system state on a nightly basis and then backed this up to tape. Then to recover just restored the server from tape and then the system state and let replication update the server, it is pretty quick.

The only time it would not be quick is if you have a very large AD NTDS.DIT file, in which case you would have multiple DC's (so restoring the server would not be urgent) and it would take a while to restore the system state and replicate the changes back. But not much more than replicating back from robocopy. Which is why the recomendation is to use VSS to SAN then recover the OS (and AD) by switching the LUN's - This is the quickest recommended solution from Microsoft.

It is a good question that you ask but I am not sure what benefits you are going to achieve, if it will be any faster and how reliable it would be. You only need a slight corruption in the AD and the server will be in a real mess.

Author Comment

ID: 22925061
The system is nagging me to close this question, so I will give the credit to fishadr. I found the document he referred me to especially useful. With the help of the info in that document, I am working toward a lab test of whether a shadow copy of the DC will be a functional clone. Stay tuned....

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question