Forum Discussion

rlittletht's avatar
rlittletht
Level 3
8 years ago

Windows 10 System State restore fails

I'm trying to simulate a disaster recovery on a windows 10 system. The only changes to the system beyond a bare Win10 installation were: Skype installed with credentials saved and a registry entry cr...
15
Windows 8
  • rlittletht's avatar
    rlittletht
    8 years ago

    Sigh. Got it.

    Quick summary: My original restore simulation didn't "overwrite existing files" even if the existing file is newer. All subsequent tests restored System State, and the portion of the registry in question is not part of the System State. So if I had just checked "overwrite existing files" everything would have worked.

    Long story (for anyone wanting to learn from my mistake).

    Simplified Disastry Recovery (SDR) automatically selects everything you need (and a whole lot more) in order to restore the system completely.

    If you manually select items, you better know what you are doing. There are many parts to the Windows registry. MOST of it is backed up with System State (the SYSTEM, DEVICES, SOFTWARE, etc., hives). However, HKEY_CURRENT_USER (for each user) is stored in NTUSER.DAT in the users profile directory. This is NOT backed up as part of the System State backup.

    In order to successfully restore a complete system (or as complete as you backed up), here are some tips:

    First, make sure you have backed up the right things. In my case, I was backing up the entire C:\ drive except for a single subdirectory (__nobackup), so I was fairly confident I had all the raw data backed up.

    Now you have at least 2 things to restore: The System State for the machine and the Files/Folders that you backed up. BOTH of these backups must specify "overwrite existing files" (don't let it skip files that already exist. For the registry, these files will always exist on the restore target machine, and they will always have a newer timestamp than the backup. You must always overwrite).

    For Windows 8 and later machines, you will run into a ton of Access Denied errors due to the new app model with Windows (TrustedInstaller owns files in the Program Files/WindowsApps folder, and even Backup Operators can't write into those folders). These Access Denied errors will ultimately cause the restore to report an overall FAILURE (I wish Backup Exec would list those as exclusions instead of an overall restore failure!).

    After you reboot the target machine, you should have the entire registry as well as files/folders restored.

     

GaneshTambat's avatar
GaneshTambat
Level 2
8 years ago

SDR restore would be a better alternative in such scenarios. 

The WindowsApps folder related issues are known issues and will be taken care of in future FPs.