Backup for 25 people: How?

T

tripex

Gawd
Joined
Jun 8, 2002
Messages
854
Hey you guys,

I'm looking for tips / procedures / solutions for a way of backing up the profiles of about 25 - 30 people.

Server:
  • Dell, 2x250 gigs in software RAID, 1 gig ram
  • Windows 2003 SBS Premium .
  • This is the local domain controller, fileserver, internet sharer (ISA), Exchange server.
  • This is not yet hosting a domain (.com or whatever) .
  • Currently has a DDS DAT72 tape drive: running daily full backups

Client machines:
  • Everyone is using Windows XP.
  • Everyone is joined on the local domain.
  • Most of the computers are old (some Compaqs P3 @ 1 Ghz / 256 RAM).
  • There are some P4 (2.8 Ghz / 512 RAM) .
  • There are also some notebooks (Centrinos / 512 RAM)
  • There are no roaming profiles / documents redirection at all. Every single machine saves the profiles on its own.

Usage:
  • The company doesnt provide emails for everyone so people are not using Outlook actively (most use Yahoo or Hotmail via webbrowser). Everyone has Outlook but only 5 people use it (those with external company email accounts). These people have 1.5 gig OST on the server plus some PST archives locally.
  • Emails from external accounts are pulled via POP connectors on the Exchange server.
  • Most of the users profiles arent very big (about 2 to 4 gigs tops).
  • Some of the users might have bigger profiles (up to 10 gigs tops).
  • Some users might have lots of mp3 and stuff which i would like to strip out from the backup, if possible.

Network:
  • Basic 100mbit
 
So, as you can see there is a backup for the server but there are no backups whatsoever for the client computers.

That means if a hard drive goes kaput, all documents on it go to hell. These are mostly Excel spreadsheets and stuff, but still.


Do you think i could use the server that i currently have or should i get a new machine just to hold a copy of everyone's profiles?

Suggestions people, keep'em rolling!
 
You can run NTbackup from the server and choose the method that only backs up archived records. I can't remember what it's called right now.

*update* OK found my book. Incremental update is what you want. It updates files that are 'archived' aka, changed, and does not backup anything not changed. You can use the backup utility of XP pro or download NTbackup (windows backup utility), then schedule daily backups on each machine, and point it to your server.

Experiment with it in your lab before you deploy though. And make sure not everyone is backing up at the same time ;)
 
Ok, but you're talking about setting up ntbackup manually on each computer?


I'm bumping this for the weekend specialists.

Hoping to see some really good suggestions guys.
 
tripex said:
Ok, but you're talking about setting up ntbackup manually on each computer?


I'm bumping this for the weekend specialists.

Hoping to see some really good suggestions guys.
Click to expand...
If you have XP Pro on the systems (which you should if you don't), then it's built in. Right click on C to access it. You can schedule the back ups but you have to do it manually unless you RDP to each system.

Keep in mind, I don't know if you have your staff trained to save data to the network drive, which if that were the case, simply having a raid 5 setup with weekly off-site backup, would suffice.

One thing I don't know is if your domain profiles are set to roaming, is if the configuration of the backup utility on each machine will move with the account or stay per machine.
 
Suggest enabling roaming profiles, then all the user profile data will be stored on the server. You can use Group Policy to then refine what gets redirected to the server, for example, you can redirect MyDocuments but not My Music. Further to that you could then say that "all MP3s must be kept in My Music and will not be a part of company backups due to resource constraints" or something like that.

HOWEVER...I see that you are running Small Business Server...don't know if it supports roaming profiles.
 
Small Business Server does support roaming profiles. However..with large amounts of users, and the server running on only SATA drives...it will be sluggish.

SBS should have 4 gigs of RAM in it..only 1 gig...yikes...ugh. RAM is cheap, she'll run a bit snappier (limited now by the SATA drives). Stuff it.

Get those Outlook users on the Exchange Server..else you're wasting a good portion of the value of SBS. Import those PSTs and dump 'em.

SBS has great built in backup program.

SBS also has a great built in GPO for folder redirection...it's preset to redirect the clients My Documents to the users default share on the server. This way the nightly backup on the server will cover the workstations My Docs folder. Nice 'n easy eh? ;) Not really any other reason to backup the rest of the users profile...just tell people to keep company data in their My Docs folder..and behind the scenes it's automatically on the server. With Outlook set to Exchange...that's also on the server..and backed up. Desktop stuff? Train them the proper way.....keep documents in My Docs...drag shortcuts to their desktop if they insist on desktop shortcuts.
 
Your other alternative if you don't want to go through setting up SBS in this manner is to do something like a Managed Backup Solution like MozyPro (specifically MozyEnterprise solution). It allows you to manage from a central web based interface...
 
I know you've said you are not on a domain yet however that would be one of the easier ways to accomplish your goal.

If you had a domain you could assign everyone a "Home folder" (An option under the Profile tab in AD) and that will automatically redirect everyone's "My documents to a share on the server and utilize the Offline Files setting on the client machines

From there simply backup that folder on the server and call it a day



EDIT:

YeOldeStonecat said:
SBS also has a great built in GPO for folder redirection...it's preset to redirect the clients My Documents to the users default share on the server. This way the nightly backup on the server will cover the workstations My Docs folder. Nice 'n easy eh? ;) Not really any other reason to backup the rest of the users profile...just tell people to keep company data in their My Docs folder..and behind the scenes it's automatically on the server. With Outlook set to Exchange...that's also on the server..and backed up. Desktop stuff? Train them the proper way.....keep documents in My Docs...drag shortcuts to their desktop if they insist on desktop shortcuts.
Click to expand...

This...
 
You didn't specify what your budget is or what your current backup software is, but Symantec has an option for BackupExec called DLO (Desktop, Laptop Option), which basically is an agent that runs on each client machine.

You can configure the agent to automatically monitor designated directories (My Documents, etc) or file types (.doc, .xls, etc) or combinations thereof to automatically copy those files to a network space that gets backed up.

In our environment, DLO is configured to monitor all files in My Documents for each profile that exists on the client laptop or desktop. When a file is modified, it automatically copies it to a share called \\fileserver\DLO\username that gets backed up every night to tape.

The users are then responsible for keeping whatever files they want to preserve in the "My Documents" folder. Anything not there is their loss. We also filter out any media files so that MyDocuments\My Music\iTunes doesn't dump massive gigs of people's music collections to the network.

With DLO's central management console and configurable policies, it's about as simple as it gets.

The only drawback to this setup is that first thing monday morning when laptop users come in and connect to the network, DLO creates a performance hit as it dumps a weekends worth of work to the DLO share over our wireless network.
 
AMD T-type said:
I know you've said you are not on a domain yet however that would be one of the easier ways to accomplish your goal.
Click to expand...

I think he's confused as to "domain"....
He states this...
"# Windows 2003 SBS Premium .
# This is the local domain controller, fileserver, internet sharer (ISA), Exchange server.
# This is not yet hosting a domain (.com or whatever) "

So he's running SBS Premium...which is a domain controller. Thus he is running active directory..so he has his own domain. I think when he states that it is not running a domain yet..he's talking about a web server...which most certainly you don't want to host your own website on a domain controller....but at a webhost.
 
(I really don't know how people get these IT jobs when they have no idea how to perform them.)

You should create a "personal" share for each user as well as a "common" data share for all to view. Map these as a drive from each workstation. Obviously, these should be on your "server" or a possible new "file server". Have all users put their important company data on these shares, with a policy that no important documents be saved to desktop. (you may want to take someones suggestion to redirect "my documents" as most end users are idiots, and may not know how or where to save files).

Now all you need to backup will be that common share on your file server.

Secondly, you should get everyone on exchange. Obviously, this needs to be backed up as well.

As far as roaming profiles are concerned, noticing by your general lack of new hardware, a slow network, and allowing users to save gigantic profiles, logging on/off would be unbelievably slow. Although, it would be significantly better route management-wise, as they could be controlled and backed up... when you move a user or upgrade a workstation, all the user's settings would remain.

And finally, if you do get everything on this "SBS" server with files, exchange, AD, etc... You probably should look at enacting some redundancy... I don't think anyone would be too happy if the one server with everything on it were to go down...

Good luck.... ;-)
 
SBS is designed to do all that (exchange, web, files, everything) just fine. on top of that, the native backup tool thats included in SBS is 100% reliable to do a full system restore... as long as the damn thing is configured.

yes, having it outsourced is good and better, but SBS is designed to handle it all in house... if you want to.
 
I personally would never recommend using roaming profiles. The first time a user gets tired of waiting on the network/server while shutting down and decides to just power off, and you'll think the same. Corrupt profiles are the norm, not the exception. But that's just my experience - at the time 85% of the enterprise (170K users) were forced into it. After examining the support cost, I'm pretty sure some heads rolled...

But as has already been stated, group drives, home drives and user training are the best way to go. Redirect My Docs to the home drive.

At the house however, I have a cron job on my gentoo server that connects to my individual computers at 30 min intervals and rsyncs them automatically.
 
REDYOUCH said:
(I really don't know how people get these IT jobs when they have no idea how to perform them.)
Click to expand...

What a ridiculous statement. We are routinely asked to implement new products at the whims of management, things we know nothing about.

Please find me the IT person that knows everything about every product. They don't exist.
 
SpaceHonkey said:
I personally would never recommend using roaming profiles. The first time a user gets tired of waiting on the network/server while shutting down and decides to just power off, and you'll think the same. Corrupt profiles are the norm, not the exception. But that's just my experience - at the time 85% of the enterprise (170K users) were forced into it. After examining the support cost, I'm pretty sure some heads rolled...
Click to expand...

We do not allow users to shut down, they can only Reboot. We do have deep sleep modes enabled. We don't have a lot of problem with corrupted profiles, maybe once or twice a year.

But then again we have only 330 users, not 170K and we are all gigabit to the desktop with a 10GB fiber backbone between the switches.
 
REDYOUCH said:
You should create a "personal" share for each user as well as a "common" data share for all to view. Map these as a drive from each workstation. Obviously, these should be on your "server" or a possible new "file server". Have all users put their important company data on these shares, with a policy that no important documents be saved to desktop. (you may want to take someones suggestion to redirect "my documents" as most end users are idiots, and may not know how or where to save files).
Click to expand...

SBS already does that by default, creates a user folder when you add a user. You don't need to create it.
It has a built in GPO to redirect users My Documents to it....not enable by default...but one "click" on server manager..and it's in place.
 
brons2 said:
What a ridiculous statement. We are routinely asked to implement new products at the whims of management, things we know nothing about.

Please find me the IT person that knows everything about every product. They don't exist.
Click to expand...

I agree with you, but asking about backups, creating shares on a "file" server and simple AD setup is far from implementing new products.

brons2 said:
We do not allow users to shut down, they can only Reboot. We do have deep sleep modes enabled. We don't have a lot of problem with corrupted profiles, maybe once or twice a year.
Click to expand...

"We do not allow users to shut down?" I am sure if they wanted to, they would reach under the desk and pull the plug. Despite trying to have the best policies in place, I am sure there is the ever-empowered user who thinks a hard-reboot solves everything...

And the problem is far from a "corrupt" profile; that happens next to never. The problem is with the user placing too much data into their profile and then attributing their untimely login/logoff times to a different problem.



..I was just stating that it seems the OP is a little over his head...
 
Redyouch, in a way i agree with you. I should know more of this stuff but i dont live in the States, i dont manage 170k users and honestly, forgetting all about backups is pretty much the norm around here.

I want to change that. Besides I do have backups in place (check the other thread) and i do know how to create file shares and whatever (duh).

But my current backup procedure is for the server only. I want to start backing up the users machines too.

PS. Fuck you.


YeOldeStonecat, i know about MyDocs redirection and i've seen the option there, on the Server Management console, somewhere.
I have also done this in the past on a Win 2003 Server Std (a combo of home folder and a mapped drive on a startup script iirc).

But this time i'm concerned about the rest of the user profile (desktop, bookmarks, etc). I want to look for the best/most efficient solution, i want to open discussion on this to see and learn how all you guys save your damned user files.

I thought about buying a second server with Win 2003 Server, make it a member server and enable roaming profiles that would be saved on this server instead of the main one (SBS). Would this increase speed?


I also have some questions:

1) If i enable MyDocs redirection, it doesnt move the files that are already on the users machines right? So how do i manage that?

2) With MyDocs redirection, everyone will be opening/saving their "My Documents" files directly on the server right? What happens when the server is offline, or there is temporary network outage? I dont remember how "offline files" work anymore.
 
YeOldeStonecat said:
I think he's confused as to "domain"....
He states this...
"# Windows 2003 SBS Premium .
# This is the local domain controller, fileserver, internet sharer (ISA), Exchange server.
# This is not yet hosting a domain (.com or whatever) "

So he's running SBS Premium...which is a domain controller. Thus he is running active directory..so he has his own domain. I think when he states that it is not running a domain yet..he's talking about a web server...which most certainly you don't want to host your own website on a domain controller....but at a webhost.
Click to expand...


There is no confusion, well maybe in my selection of words.

What i meant is the domain is only .local, there is no other DNS setup (yet).
So Exchange is only serving local mail (which very few users use) plus the 5 external accounts.
 
SpaceHonkey said:
I personally would never recommend using roaming profiles. The first time a user gets tired of waiting on the network/server while shutting down and decides to just power off, and you'll think the same. Corrupt profiles are the norm, not the exception. But that's just my experience - at the time 85% of the enterprise (170K users) were forced into it. After examining the support cost, I'm pretty sure some heads rolled...
Click to expand...

I find this comment completely illogical, who would sit there and wait for their computer to shut down :confused:

I support about 20 companies and all but one has roaming profiles, the amount of users range from 5 - 100 and corrupt profiles is definitely rare, I have had to fix 3 corrupt profiles this year (yes 3 out of all 20 of my companies) corrupt profiles are usually caused by poor network hardware/design.

SBS with 20-30 users will be fine with roaming profiles, however you must redirect My Docs somewhere else, otherwise you will have massive delays when logging in, you may also want to look at redirecting application data.

You will need to copy everyone's profile to the server, do this by right clicking my computer | properties click on the advanced tab, click on profiles button, click on the user profile you want to copy, choose the path to copy to and who will have permission to use it, once done, update the AD account so that the profile path points to the new location.
 
Deimos,

can you explain how i use MyDocs redirection and roaming profiles at the same time?
 
Under each users account you can specify the location of the profile...

Found this example picture...
user_profiles.gif


Change "Connect [driveletter] to [\\servername\sharename\]

Create a share for each user on the SBS server "users" folder/drive.

Then through group policy rereoute my docs to that drive letter...

I think that should cover it..


ps: this is hardforums, everyone is a d!ck
 
YeOldeStonecat said:
Small Business Server does support roaming profiles. However..with large amounts of users, and the server running on only SATA drives...it will be sluggish.

SBS should have 4 gigs of RAM in it..only 1 gig...yikes...ugh. RAM is cheap, she'll run a bit snappier (limited now by the SATA drives). Stuff it.

Get those Outlook users on the Exchange Server..else you're wasting a good portion of the value of SBS. Import those PSTs and dump 'em.

SBS has great built in backup program.

SBS also has a great built in GPO for folder redirection...it's preset to redirect the clients My Documents to the users default share on the server. This way the nightly backup on the server will cover the workstations My Docs folder. Nice 'n easy eh? ;) Not really any other reason to backup the rest of the users profile...just tell people to keep company data in their My Docs folder..and behind the scenes it's automatically on the server. With Outlook set to Exchange...that's also on the server..and backed up. Desktop stuff? Train them the proper way.....keep documents in My Docs...drag shortcuts to their desktop if they insist on desktop shortcuts.
Click to expand...

The absolute best suggestion for him would be Roaming Profiles + My Doc redirection

This will keep the profiles small by letting my documents redirect to a different share. And keep a copy on the server.

I use this with a few clients, use cached profiles on the workstations to improve performance if you choose.

However i would go with this setup, it maximizes flexibility and you only have to backup the shares on the server
 
Ok, k1pp3r

I will probably go this way (roaming + redirection) .

But.. what happens to the laptops, when they're out of the office ?
 
REDYOUCH said:
Then through group policy rereoute my docs to that drive letter...
Click to expand...


You don't want to do it exactly like this, first problem is mapping My Docs to a drive letter, quite often the drive doesn't map properly and you will run in to problems there, instead, you should redirect to a hidden share e.g.

create a share on the server called \\servername\users$ and make sure you set share permissions and NTFS permissions so that everyone can modify

then when setting up the group policy point it to \\servername\users$\%username%\My Documents

(yes, actually type in %username%) and tell the policy to move my documents to the new location, that way you don't have to create a folder for the users, it will do it by itself when the policy is applied.

As for laptop users, you need to set up a policy for offline files, or just ask the user to enable it, My Documents will be made available offline by default, then when the user connects to the network they will syncronise with the server.
 
Oh yeah, and as for the roaming profile for laptop users, after the first time they log in, a local copy is cached on the PC so they will still be able to log on, however, make sure you let your users know there is a change, because when the log on away from the network, windows pops up with a message (it looks like an error message) saying thier roaming profile can't be found and windows is logging them in with a local copy, changes won't be saved etc etc otherwise you will be getting phone calls after hours asking "what does this mean?"
 
Deimos said:
Oh yeah, and as for the roaming profile for laptop users, after the first time they log in, a local copy is cached on the PC so they will still be able to log on, however, make sure you let your users know there is a change, because when the log on away from the network, windows pops up with a message (it looks like an error message) saying thier roaming profile can't be found and windows is logging them in with a local copy, changes won't be saved etc etc otherwise you will be getting phone calls after hours asking "what does this mean?"
Click to expand...


Not exactly true, the profile will be cached, however the document redirection will not. In order to do this, you will need the documents to be a different share, then enable them to be synced offline.

In your AD structure create an OU for only laptop users, and set an offline file sync for them. Only problem with this is there is a known MS issue with icons reappearing because of the current sync algorithim used. So you may have a few issues, but i have gotten it to work.
 
Thanks for everyone that posted so far.

I will implement these ideas and most proabably post back with questions :D
 
You must log in or register to reply here.
Back
Top