Windows Server 2003
1839269 Members
3498 Online
110137 Solutions
New Discussion

Re: Copy Documents and Settings from server A to backup server B

 
John R. Garrett
Advisor

Copy Documents and Settings from server A to backup server B

Greetings all.

Server A - Windows 2003 Standard on a Proliant ML370 G4.

Server A - Windows 2003 Enterprise Evaluation on a Proliant ML150 G2.

Network - Simple Active Directory, both server A and B are BDCs.

I am using RoboCopy to mirror all my terminal server user accounts (Documents and Settings)from A to B so I can take the production server A down and update firmware and such fun. ntuser.dat is being copied.

Users use RDP clients to connect to Terminal Server.

However, when I test the theory by having a user RDP to Server B a new profile is being created. Sysinternals PsGetSid utility displays the the same SID for both servers. The user has the same SID. I guess this is a function of Active Directory.

Why is a new profile being generated on server B when Active Directory is in use and the user already has a existing profile on server B?

I am a programmer at a small non-profit with just enough network administration experience to make me semi useful, although I have done some things since I got here that have helped.

For example, I renamed the Active Directory from a single label domain name to a dual label domain so that Dynamic DNS works.

However, the solution to this problem is eluding me and I would appreciate any help.

Thanks.

John Garrett
8 REPLIES 8
WillNiccolls
Advisor

Re: Copy Documents and Settings from server A to backup server B

John,

Are you using the robocopy options /SEC or /DATS to get all the file security attributes and settings? It is possible that the users don't have access to their profiles because they don't have the correct permissions.

Check the ACL's of the profiles and compare them to the ones on Server A.

John R. Garrett
Advisor

Re: Copy Documents and Settings from server A to backup server B

WillNiccolls

>Check the ACL's of the profiles and compare them to the ones on Server A.

Ok. Just got to work, but I will look at this ASAP.

Thanks.
John R. Garrett
Advisor

Re: Copy Documents and Settings from server A to backup server B

WillNiccolls,

I am using the /SEC parameter.

The basic syntax used is:

robocopy \\serverA\documents and settings\user1 \\serverB\documents and settings\user1 /COPYALL /B /SEC /MIR /TEE /R:0 /W:0 /LOG+:C:\backupLog\log1.txt /NFL /NDL

I am using 'showacls' right now, running it in a user profile directory.

I see the exect same thing in the user directory on both server A and B, for example:

C:\Documents and Settings\jseitz\
CWCC\jseitz Special Access [A]
NT AUTHORITY\SYSTEM Special Access [A]
BUILTIN\Administrators Special Access [A]

Is there something special I should be seeing?




WillNiccolls
Advisor

Re: Copy Documents and Settings from server A to backup server B

You might try using roaming profiles--the profile exists on a share, and it is saved when a user logs off. It's well documented on MS site, the basics are that you set up a share, and point the user's profile to the share in their AD account properties. First time they log off, it is copied to the share. Only incremental changes are saved, so most logoffs are pretty quick.
WillNiccolls
Advisor

Re: Copy Documents and Settings from server A to backup server B

Matt Emmott
Occasional Advisor

Re: Copy Documents and Settings from server A to backup server B

Hi John,

This seems like a lot of work for something that sounds like a temporary fix - You say that you're taking Server A down to update it. Does that mean that you're going to move the users back to Server A once it's updated? Why not run the updates on a Friday night or something and have everything back to normal on Monday?
John R. Garrett
Advisor

Re: Copy Documents and Settings from server A to backup server B

Matt & Will,

Thanks for responding.

The senario is this. Small non-profit that has a Windows 2003 Server based network.

About a year ago I arrived on the scene. No roaming profiles. Active Directory did not function because the 'experts' who set the network up gave the domain a single label.

The domain has been renamed and I am working towards implementing roaming profiles. However, the PDC (Proliant ML570) has a grand total of 16 Gb of storage. Of that 16 Gb of storage 6 Gb is free.

I have the main production server (Proliant ML370 G4) that serves as a file server and a terminal server. The Terminal Server users connect via a thin client 'WinTerm'. No roaming profiles, the profiles are local to this W2k3 Standard server. The ML370 is Server A, and has 135 Gb of storage with 95 Gb free space.

The day before Labor Day Server A died. I had about 50 Therapists and Psychologists standing around because the Center uses a Electronic Records system. I restored from tape in about four hours.

But I would just as soon never be left in that situation again.

About a month ago the powers ok'd the purchase of a ML150 with 135 Gb of storage. This is Server B. This is my 'backup' server in case Server A ever decides to die again. A great step forward in that it is enough server to at least run Terminal Server in case of an emergancy.

So I have created scripts to move all the Documents and Settings from Server A to Server B.

I have figured out the owner of such files as ntuser.dat after the robocopy was being changed to builtin\administrators. Using:

subinacl /subdirectories "C:\Documents and Settings\\*.*" /setowner=CWCC\

and

cscript.exe "C:\Program Files\Windows Resource Kits\Tools\xcacls.vbs" "C:\Documents and Settings\\*.*" /G cwcc\:F /E

and

Import the users profile registry on Server A at:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList

to the registry on Server B.

That ABSENCE of the registry value on Server B resulted in a new Profile being created when the user logged onto the server. It makes perfect sense now, but until I understood the process I was just very perplexed.

The hint to look at ACLs (Will?) was what got me going in the right direction.

So I have the system working. Every night the contents of the user profile is copied from Server A to Server B. Then a script on Server B corrects ownership and permissions on the profile so the user can use the profile.

I have imported all the user profile registry keys from Server A to Server B.

If Server A dies all I have to do is change the IP of the Terminal Server in DNS and all thin clients will connect to the Terminal Server service on Server B. Everyone's files are on Server B, as well as email.

So this is where I am now.

I want to implement roaming profiles. But the lack of disk space on the PDC is a problem.

Suggestions?

Thanks everyone for responding.

John R. Garrett
Advisor

Re: Copy Documents and Settings from server A to backup server B

Thanks again for all the help!