JSI Tip 6748. Shadow Copies of Shared Folders: Frequently Asked Questions.
May 22, 2003
The Shadow Copies of Shared Folders: Frequently Asked Questions page contains:
These frequently asked questions and answers address issues regarding Shadow Copies of Shared Folders in Windows Server 2003.
Q. I'm logged on locally to the server. How do I access shadow copies?
A. This feature requires the Common Internet File System (CIFS) file sharing protocol to work—even if you are working on a server that stores shadow copies locally. Therefore, to see previous versions, loop back: for example, from Start, Run, connect to \localhostc$. This will enable the client running on the server to access previous versions.
Q. I know I've enabled shadow copies on my server, but from my client computer I don't see previous versions of a file. Why?
A. The client computer user interface (UI) shows only previous versions that are different from the current version. If your file hasn't changed from the previous versions that are stored on the server, then the client UI will not show any previous versions.
Q. I installed Windows Server 2003. To enable shadow copies, do I need to have a dedicated data volume?
A. You can take shadow copies of any NTFS volume and store shadow copies on any NTFS volume. The volume you choose to take a snapshot of and the one used for storing the snapshot can be the same—this is actually the default configuration.
Q. If I enable Shadow Copies of Shared Folders on my system volume, will it take a snapshot of everything? For example, if I install a service pack, will my DLLs (dynamic link libraries) have previous versions available?
A. Although you can take shadow copies of any NTFS volumes and place the shadow copy storage on any NTFS volume, Shadow Copies of Shared Folders is not a backup or archival solution. Microsoft does not recommend that Shadow Copies of Shared Folders be used for DLL recovery.
Q. What are the performance implications for using Shadow Copies of Shared Folders?
A. Shadow copies use a copy-on-write mechanism to preserve the volume image at points in time. This incurs a runtime cost.
For lightly loaded servers, both in terms of input and output bandwidth and disk space used, the cost of maintaining shadow copies should not be noticeable. If the server is lightly loaded overall, there should be no adverse performance effect due to excessively large individual files—for example, a handful of users who store Microsoft Outlook personal file folders (.pst) on the file server.
For heavily loaded servers, you should dedicate a disk for shadow copy storage. This will eliminate extra disk head seeks caused by the copy-on-write algorithm.
It is not possible to give precise metrics on the performance overhead of shadow copies, because performance is highly dependent on workload.
Q. How does security work?
A. There are two key points with shadow copies and security. First, access control lists (ACLs) are preserved in each shadow copy; these ACLs are used to control who is able to read files on the shadow copy.
For example, if Fred has access to a set of files at 7:00 A.M., he will have access to those files on the 7:00 A.M. shadow copy. Likewise, if he does not have permission to read those files, he won't have access to them on the shadow copy. However, when reverting a file to a shadow copy version, the ACL that already exists on the file is preserved.
Q. Can I revert an entire volume to a shadow copy? For example, if a virus hits at 4 A.M., and my computer created a shadow copy at 2 A.M., can I revert my disk image to the way it was at 2 A.M.?
A. The client user interface provides a way to recursively recover files in a folder. However, this will never delete files, so it will not truly revert a disk to an earlier point in time. It is also not efficient, and Microsoft does not recommend doing it for large quantities of data.
If you need to revert an entire disk to a previous point in time, you should restore from a backup medium.
Q. How do I administer shadow copies using scripts?
A. Two command-line tools enable you to administer shadow copies using scripts. "Vssadmin" lets you create shadow copies and configure settings for the shadow copy storage areA. "Schtasks" lets you create and configure scheduled tasks. Using these tools you can automate every administrative task involving shadow copies.
Q. Why isn't the Recycle Bin sufficient for reverting back to a previous version of a file?
A. Ever since Windows 95, Windows has provided a way for customers to undelete files: the Recycle Bin. However, two factors limit the usefulness of the Recycle Bin for knowledge workers.
First, it can only be used to recover files that have been deleted by an application that is Recycle-Bin-aware, such as Microsoft Explorer. The Recycle Bin cannot be used to recover files deleted at the command line, for example, nor can it be used to recover old versions of files that have been modified.
Second, and most important for knowledge workers: the Recycle Bin does not work for files stored on network shares.
Q. Can Shadow Copies of Shared Folders be used on a file allocation table (FAT) volume?
A. No. Shadow Copies of Shared Folders is an NTFS feature.
About the Author
You May Also Like