Backup Facility

Amanda,

This web interface can be used to let your users register their Windows Microsoft PC to Amanda backup.

First the user has to set a special backup user and to define shares to be accessible for backup. Then, using the interface, the user can add the shares to Amanda, as incremental backup or as full backup only. The interface script will modify the DLE and amandapass files accordingly.

This interface is written in PHP (with a small part in Perl) and should run on the Amanda server. It will create a temporary file that contains the password for the shares. Just before Amanda dump, a Perl script is used to merge this temporary password file with amandapass file.

So far the interface has been tested for Windows 2000 and Windows XP only. It should work with Windows NT; the part about old Windows 98 exists only as a phantom. I will add Windows Vista as soon as I have the need for it.

I once wrote this interface in Perl and I recently ported to PHP. I have not formal and nice distribution package, this interface was written for our internal usage only, but you can download it anyway.

Amanda backup system

Amanda is an automated system for backing up and recovering disk and file systems, that have been developed by the Univerity of Maryland.

Amanda can be installed on multiple platforms, it runs over a network, so a single amanda server can backup multiple workstations, and taking advantage of Samba, it can be used to backup disks over a Microsoft network.

Amanda runs along a cycle, after which the backup tapes are reused. It can perform two types of backup:

  • full only, where the files are saved only once per cycle;
  • incremental, where the files are saved once, then new or modified files are saved at every run.

Backup policy, as implemented at CSIM is as follow:

  • backup run over three weeks cycle, no recovery can be made that is older than three weeks;
  • backup are starting at 00:45 on Tuesday to Saturday. Backup are run at night to avoid loading the network during the day;
  • user’s files (including email) are backed up at each run, doing incremental backup. A full backup of every user’s files is done once per cycle;
  • system files are saved in full backup type, only once per cycle;
  • Microsoft Windows system will allow to save up to three shares in full type, and up to two shares in incremental type. It can only backup directories and does not offer any way to backup a complete hard disk;
  • there is no way to know, nor to enforce the day when Amanda runs a full backup of the user’s files;
  • backup is meant for disaster recovery, not for user’s mistake recovery. Given the fact that only one run is made per day, it is not realistic to ask for recovering a deleted email that was received only hours ago, it had not been backed up yet.

Note: limitation on the backup for Microsoft stations makes it necessary that an agreement is obtained among the many users of a shared machine. Back up will never work properly if one user decide to bak up one directory one day and another user change it to another directory another day. A good way to proceed would be to define a common directory called C:\users\ and to put individual files in sub-directories. C:\users\ should them become the share to backup.

Note: backup will only be performed if the computers are running at the time of the backing up.

Backup of Unix server

This will be done on a case by case. Obviously, you must install Amanda client on the Unix system you intend to backup.

Backup of Windows XP

Before Amanda can backup any Microsoft Windows file, the files or directories must be made accessible to Amanda. This is called sharing a directory. This directory become a share.

Step 1: setting up the network

Before any sharing can be done, the network must be configured to allow such operation.Open Start/Settings/Network Connections/Local Area Connection and click on Properties.Make sure that the needed services are present: Client for Microsoft NetworksFile and Printer Sharing for Microsoft Network and Internet Protocol (TCP/IP).
Local Area Connection

Local Area Connection Properties

Step 2: creating a user for backup

Windows XP can have multiple users, each with some restriction on the access to the computer.

To backup Windows XP files, you must first create a user that will have backup access to the computer. Do not use the administrator account or password for backup purposses.


Computer Management
Group membership for a new user
The program to add new users is accessible through Start/Programs/Administrative Tools/Computer Management.Select System Tools/Local Users and Groups/Users and click on Action/New User…You can then provide the information for the new user, including user name and password. You will give these name and password to Amanda later, so make sure you remember them.Note: user name and password must contain only letters and numbers. Spaces are not allowed.Select the box so the password will never expire.From the list of users, double click on the new user you have just created so you can edit the properties. Under the tab Member Of, make sure that the backup user belongs to the Backup Operators group.To add the Backup Operators group, you must make sure that the Object Types is Group and the Location is the name of your computer. If you click on Advanced and Find Now, you will be able to select from a list of groups.Note: the name of the group is in the form MACHINE\Backup Operators.
Adding a new user
Add the Backup Operators group
Select a Group from a list

Step 3: creating a share

Shares can now be created. Open a Window explorer select the directory you want to share and open the properties dialog box. This is done with the right button of the mouse.


Select properties of a directory
In the properties dialog box, on the Sharing tab, you must first select the button that allows to share that directory.Then you must select a name for that share. In selecting the name, you must make sure that only letters and numbers are used.Upper case and lower case letters are equivalent.Do not use space in the share name.Click on the Permissions button for the next step.
Sharing property

Give permission to the share
Permission can be given by group or by user.Make sure the backup userexists with Full Control access, else click on Add button to add it to the list of permitted users.You can choose to add only the user that you had created above, or to add all the backup group.Double click on a user name to check his permission access.

Security property
Select the Security tab from the Properties dialog box.Make sure the user you created for backup purposes, or the Backup Operators group is present in the list and have Full Control access. If not, you can add them like above.Once it is shared, a directory will appear with a hand holding the folder icon, to remember that this directory is shared.
A shared directory

Step 4: Turn off the firewall

In some case, Windows XP will not let you access to your PC with this interface. You must turn off your firewall.


Windows Firewall
Click on Start/Settings/Control Pannel/Windows Firewall.Click on Off.  Very Important
Remember to reactivate the firewall when you are done with the configuration of the backup.

Step 5: adding the share to Amanda

List of valid shares: shares with space or invalid characters in the name are not listed. For each share, you can select the type of backup, full only or incremental, or no backup at all.