Project:Amanda Enterprise 3.0 > Zmanda Windows Client Users Manual

Zmanda Windows Client Users Manual

Introduction

Zmanda Windows Client (or ZWC) backs up data from Microsoft Windows clients to an Amanda backup server. It is compatible with the following operating system versions:

     
  • Windows XP Pro (Service Pack 2) running on the x86 & x64 platforms
  • Windows XP Home (Service Pack 2) running on the x86 & x64 platforms
  • Windows 2003 Server (Service Pack 2) running on the x86 & x64 platforms
  • Windows Vista (Service Pack 1) running on the x86 & x64 platforms
  • Windows 2008 Server and R2 release running on the x86 & x64 platforms (requires Zmanda Windows Client 3.0.3 release)
  • Windows 7 running on the x86 and x64 platforms (requires Zmanda Windows Client 3.0.3 release)

 

Requirements

Zmanda Windows Client uses Volume Shadow Copy services. Volume Shadow Copy service must be started and must not be disabled on the Windows client.

Windows clients must open inbound TCP ports 10080 and 10081, and outbound TCP ports 700:800. On Windows XP Pro with SP2, Windows Vista, Windows 7 and Windows 2008, ZWCService.exe added to the "Exceptions list" during ZWC installation if the Windows firewall is turned on.  Please ensure that these ports are not used by other software. Some Anti-Virus software are known to use these ports. Please contact Zmanda Support if you need help in avoiding port conflicts.

The Zmanda Windows Client utilities such as ZWCconfig and ZWCsupport must be run as Administrator (either logged in as Administrator, or by right-clicking the utility from the Windows Start menu and choosing Run as administrator.)

Downloading and Installing Zmanda Windows Client

Important Note: During installation, an amandabackup user account is created on the Zmanda Windows Client using local rules (i.e., Domain Controller/Domain/Standalone Workstation) for password creation. These OS users run backup and restore processes. When you change the account passwords eventually, be careful to ensure that security policies (such as strong passwords, password expiration) are followed. If an amandabackup user password expires, the Zmanda Windows Client service will fail to start, returning a Login Failure message.

  1. Download the Zmanda Windows Client software from the Zmanda network downloads page. Please have your Zmanda network Username and Password ready; you will need them to access the download page. Depending on the licenses you have purchased, the downloads page will let you download packages for 32- and 64-bit server and desktop installation options.
    Desktop versions are required for Windows XP, Vista and Windows 7, server versions are required for Windows 2003 and 2008 server. You should install the 32-bit version on 32-bit platforms and the 64-bit version on 64-bit platforms.
  2. Extract the zip file to the appropriate Windows machine and run the Setup.exe program.
  3. Follow the on-screen instructions. When asked to select an installation directory, you may want to change from the default location (C:\Program Files), as the Zmanda Windows Client internal databases can consume a lot of disk space and also affect the performance of other applications that depend on the same disk when processing backups. You will also need to set a password for the amandabackup user on the Windows client. You will also need to know the Fully Qualified Domain Name or IP address of the Amanda server to which this client will back up. Multiple Amanda servers can be added using comma-separated syntax.
  4. If there were any problems or errors, please see Installation Troubleshooting section.

Unattended Enterprise Installations

Because the Zmanda Windows Client is packaged as an .msi file, you can use the Windows Installer tool (msiexec.exe) in conjunction with other enterprise deployment and distribution tools (either from Microsoft or other vendors) to perform multiple, unattended installations in a large-scale environment. Enterprise installation tools are described in more detail here.

The msiexec command line to perform an unattended installation of the Zmanda Windows Client is:

msiexec /package [path\]ZWCInstaller.msi /passive /norestart /l C:\ZWCInst.log

The example above causes the Windows Installer to display a status bar and log any installation messages to C:\ZWCInst.log. To run the Installer without the status bar, use the /quiet option. You can also specify different paths for the ZWCInstaller.msi and log file if desired.

Installation Troubleshooting

If the installation failed for some reason, the ZWC installer rolls back the installation to the last working configuration.

The installation program logs messages to the following locations:

  • The Windows $temp directory (MSIMM:DD:HH.txt) The MSI-generated files are named by date and time rather than by the software being installed.
  • Successful installation messages are logged to C:\Program Files\Zmanda\Zmanda Client for Windows\Debug\LogFile.txt
  • Installation failures are logged to C:\zwc_install.log.

Installation can fail for a variety of reasons. For example, the user set a Password not conforming to Windows requirements, or running the installation program without the necessarily permissions. The log messages will explain what went wrong.

Changing the Location of the Installation Data Directory

Depending on the size of backup sets and the number of backup runs scheduled for your organization, the Zmanda Windows Client can consume a lot (>1G) of disk space, and also affect the performance of other applications that depend on the same disk while backups are running. The files that tend to grow are listed below:

  • c:\program files\zmanda\zmanda client for windows\MySQL\data is where the catalog file(s) are stored. If you move these files, the new location must be specified in the ZWC my.ini file. This database stores the list of files backed up along with their metadata. This information is stored between full backups so that files already backed up are not included in incremental backups. A full backup of a directory will cause all the information stored about earlier incremental backups to be removed (and hence the database size is reduced). The size of the database is directly proportional to the number of files in the directory or volume being backed up.
  • c:\program files\zmanda\zmanda client for windows\misc is where the backup set header files are stored. This location can be changed using the ZWCConfig utility.
The database stores the list of files that are backed up and their meta data.
This information is stored between full backups to track what was backed up and
determine what should be backed up in incremental backups. Doing full backup of
the directory will cause all the information stored about earlier incremental
backups to be removed (and so database size will be reduced).  

The size of database is directly proportional to number of files in the
directory or volume being backed up.

If you find that the ZWC installation is consuming too much disk space while processing backup sets, you can move location of these files. There are two methods of doing this:

  • By uninstalling ZWC and re-installing it on a different volume (preferred).
  • By manually moving the catalog and backup set header files and editing the my.ini file and Windows Registry to specify the new locations (see the steps listed below).
  1. Use the Control Panel to stop both the ZWCService and the ZWC-MySQL services.
  2. Move the data directory under ZWC_Installation_Directory\MySQL\Data to the new location. For example, move C:\Program Files\Zmanda\Zmanda Client for Windows\MySQL\data to F:\MySQL\data
  3. Open ZWC_Installation_Directory\MySQL\my.ini and put the following entry under the [mysqld] section:

    ----------------------------------------------
    [mysqld]
    datadir=SQL_data_dir

    ----------------------------------------------
    where SQL_data_dir is the new data location.
     
  4. Run the ZWCConfig utility. In the Advance tab, edit the location of temp dir.
  5. Start the ZWC-MySQL service.
  6. Start the ZWCService service.

Backing Up Windows Clients

Windows clients can be backed up using a number of different methods. The method you choose will depend on:

  • the version of Windows running on the client
  • whether applications are being backed up
  • other requirements you might have for backing up Windows servers and workstations.

There are four methods that require the Zmanda Windows Client (CIFS/Samba-based backup does not require that the ZWC is installed):

  • Windows File System
  • Windows System State backup provides a point-in-time snapshot of core Windows system files (including registry, Active Directory).
  • Windows Templates are useful when you wish to
    • create consistent backup of files/directories across drives and partitions on a Windows client.
    • Configure pre-backup and post-backup scripts on the Windows client to perform such actions as deleting temporary files, sending out user notifications, etc.

Windows templates are described here.

  • Windows Application Agents. These separately-licensed modules allow you to backup applications such as Exchange, Oracle, and Microsoft SQL.  See the Zmanda Application Agents guide for details.

ZMC/AEE allows concurrent backups of at most one application backup object (such as Oracle or MS Exchange) and either one Windows filesystem backup object or one Windows template backup.  Editing DLEs using the ZMC will result in all windows backup object/DLEs having spindle values supporting this behavior.

However, note that the Windows template backup object type does support multiple concurrent filesystem-based DLEs (for example, the Program Files and My Documents folders).

Please make sure no other backup software is scheduled to run at the same time as the Amanda Windows Client backup.

Windows File System Backup

The Zmanda Management Console (ZMC) allows backup objects (also known as Disk List Entries or DLEs) with different Host Types to be included in the same Backup Set. Disk List Entries for Windows Clients resemble entries for other host types (Linux, Solaris, etc.).

backup_what_windows_fs.png

The only way in which Windows clients are treated differently is this: When Windows directory paths are specified by back slashes, ZMC converts them to forward slashes. For example, ZMC converts the path C:\abc to C:/abc. On the Restore What page, all paths are displayed with forward slashes.

See the help topic for Backup What for details on exclude files, encryption, compression, etc.

Backing up Windows-Mapped Drives

The Zmanda Management Console can back up mapped drives on a Windows client provided the drives have been mapped from the 'amandabackup' account on the Windows machine. This constraint is because XP, Vista, Windows 2003 server drive letters are not global; different users can map different directories on different servers to the same drive letter. For further information, see the article "Backing up network mapped drives on Windows clients" on Zmanda's Knowledgebase.

  • Note: The Zmanda Console Manager does not currently support restoring to a mapped drive using the Zmanda Windows Client.

Backing up Windows Applications

If you have purchased and installed the relevant Zmanda licenses, Amanda Enterprise can perform intelligent backups of selected Windows applications such as Exchange and Oracle. These backups use Microsofts VSS (Volume Shadow Service) to capture a consistent copy of the database(s) in question.

Refer to the Zmanda Application Modules User Guide for further details.

Backing Up Hardlinked Files

If only one of the hardlinked files is present in the backup set, then the information about its other hardlink files will not be backed up. Also at restore time, if only one hardlink file is selected for restore, then its other hardlink file will not be restored. Please see this Zmanda Knowledgebase article for details.

Restoring a Windows Client

The Restore procedure for a Windows client similar to the procedure for other clients. Note that you cannot restore a Windows backup to a Linux/Unix destination host.

Completing the Restore Where page for Windows Clients

Destination Host Type

Choose Windows instead of Linux/Unix. Fig. 2 Destination Host Types

  • When the Destination Host Type is Windows, the Destination Username is always amandabackup; the field cannot be edited.
  • The Temporary Directory setting has no impact on Windows Client restores.
  • If data backed using Zmanda Windows Client is restored to any Host Type other than Windows, the restore fails, returning an error similar to the following error:
"ERROR: Error uncompressing the backed up data
This backup cannot be restored to a Linux destination host."
  • The following errors are returned if you attempt to restore Linux/Unix backups to a Windows client:
“ERROR: THE GIVEN BACKUP CANNOT BE RESTORED TO A
WINDOWS DESTINATION HOST
ERROR RESTORING THE SELECTED FILES
RESTORE COMPLETED WITH STATUS FAILURE”

Destination Directory

The Destination Directory specifies the client directory on which ZMC will restore the files (the default is to restore to the original location). If a Restore fails while restoring to Zmanda Windows Client and displays the following error, please refer to the Debug log files located in the Zmanda Windows Client Installation folder for details:

"ERROR: Client Reported Error while Restoring
Error restoring the selected files"

Note: Restoring C:\Windows directly is not recommended because the system files may be open. Use a Windows System State backup image (see the next section) to restore files to C:\Windows.

Windows system state backup and recovery

Windows System State refers to a collection of several key operating system elements and their files. Backing up the Windows System State is crucial for a successful disaster recovery strategy. Zmanda Windows Client can back up the Windows System State of Windows 2003 Server (with or without AD), Windows XP, and Vista clients. Windows System State is always a full backup (level 0).

The system state can be restored to the original location or a different location. Partial restoration of Windows System State can be done only to a different directory location. Windows System State files require special handling to back up because they are always locked.

Restoring a system state backup from one computer to a second computer of a different make, model, or hardware configuration is not supported. See the following Microsoft Knowledgebase article for details:  http://support.microsoft.com/kb/249694

Depending on the type of Windows system, Zmanda Windows Client software backs up the following System State information in comprehensive and coherent fashion:

Workstations

Workstation in this context means any Windows XP machine or any Windows Vista or Windows 2003 server machine which does not have Active Directory (AD).

  • Boot Files:
  • On Windows XP and Windows 2003: SystemDrive\NTDETECT.COM, SystemDrive\ntldr, SystemDrive\boot.ini (SystemDrive is usually c:).
  • On Vista: SystemRoot\boot directory (SystemRoot is usually c:\windows)
  • Catalog files: SystemRoot\System32\CatRoot\.
  • MachineKeys Files: SystemRoot\System32\Microsoft\Protect\* and AllUsersProfile\ApplicationData\Microsoft\Crypto\RSA\MachineKeys\* where ALLUSerProfile is c:\Documents and Settings\All Users.
  • Performance counters: perf*.dat and perf*.bak files in c:\windows\system32 on all OSs.
  • WFP files: All dll and exe files that come under Windows File Protection (WFP). Usually the dll files reside in c:\windows\system32
  • IIS metadata file if IIS is installed (applicable to all OSs).
  • Certificate Database (Applicable to only Windows 2003 server that are Certificate Servers): files in c:\windows\system32\certsrv
  • COM+ registration database.
  • Registry: System, default, SAM, Security and Software files in SystemRoot\system32\config and additional Components and Schema files in Vista.

Domain Controllers

A Domain Controller (or DC) is any Windows 2003 machine with Active Directory installed. DC backups include all of the state information listed above for Workstations, plus the Active Directory database, log files, and Group Policy Objects (GPOs).

Windows System State Backup from the ZMC

To back up the Windows System State (which is always a full backup), choose Microsoft Windows System State as the type in the Backup What page of the Zmanda Management Console, and the following options are displayed:

backup_what_windows_ss.png

Host Name
The Fully Qualified Domain Name (FQDN) or IP address of the Windows system to be backed up.

Encryption & Compression Options
Lists Encryption and Compression choices. See Enabling Encryption for Windows Backups for details.

Advanced Options - Estimate 
If estimates are taking too long and the databases being backed up do not change in size that much from backup to backup, use the the Historical Average calculated from previous backups. In most cases, the default of Reliably Accurate is appropriate.

After you have set the options, click the Add button to add the Winows snapshot to the backup set. Click Apply Plan to Server to commit the changes; you can then configure the backup set just as you would any other by setting the options on Backup Where, Backup How, and Backup When, etc.

Windows System State Restore from the ZMC

To restore Windows system state, specify the Initial Directory as SystemState in the Restore What page of ZMC.

Please note the following requirements and cautions regarding System State backup and restores through the Zmanda Windows Client:

  • The System State backup source Windows version, platform (i.e. whether it is 32- or 64-bit) and Service Pack level must match those on the target system. For example, you cannot restore a System State backup taken from an XP system to a Vista system, nor can you restore a 32-bit System State backup to a 64-bit target even if the Windows versions match.
  • If restoring the System State backup to the original source of the backup, you must restore all components of the system state; partial restores are possible only to a different destination directory.
  • Windows 2003 Active Directory restores are non-authoritative by default. To perform an authoritative AD and SYSVOL restore, follow the steps here. The Zmanda Windows Client does not directly support authoritative AD/SYSVOL restore.
  • For System State restore to a Domain Controller (provided AD is already installed), you must reboot the machine in Directory Services Restore Mode (DSRM), and then manually start the ZWCService using the DSRM or "Local System"account, then run the System State restore.
  • If Active Directory is not installed, then Restoring System State does not require the system to the be in Directory Services Restore boot mode.
  • Even if the System State restore is not to the original location, the OS versions must match. If the System State that contains the AD database & restore is not to the original location, then the System does not need to be booted in Directory Services Restore mode.
  • If restoring to the entire system state to the original backup source, you must reboot the machine to complete the System State restore.

Changing the password for the amandabackup user

During the installation process, the amandabackup user is created and a password is set. To change the password, shut down the Zmanda Windows Client service, then use the Windows Control Panel utility to edit the amandabackup user account. Use the same procedure as for any other Windows-based password protected service. Restart the Zmanda Windows Client service when you are done. Note that the service must restart without any errors for the changed password to take effect.

Zmanda Windows Client Configuration Utility

The Zmanda Windows Client configuration utility (ZWCConfig) can be used to

  • Create and manage templates
  • add or remove Amanda servers
  • change the debug log settings
  • set advanced options such as the size of the message buffer, location of temporary files, and what certificate to use for encryption/decryption of backups.

Log on to the workstation as the Administrator and start ZWCConfig utility by clicking Start->Programs->Zmanda Client for Windows->ZWCConfig. Alternatively, you can right-click the menu option to Run as administrator. After you start the program, The Zmanda Windows Configuration dialog is displayed.

Creating and Managing Windows Templates

A Windows template is roughly equivalent to a backup object in the Zmanda Management Console, or a Disk List Entry (DLE) in Amanda. A template is useful if you want to back up different files and folders that reside on different drives as part of a single backup object/DLE.

 ZWC_Template.JPG

In addition to specifying drives and folders for backup (which can be accomplished via ZWCconfig), you can also manually edit the template file to specify programs or scripts that should be run before and after the backup.

Templates created using ZWCConfig utility are stored in the template.txt file located in the \Misc directory of the Zmanda Windows Client installation directory on Windows XP and Windows 2003 systems, or %ProgramData%\misc in on Windows Vista, Windows 7 and Windows 2008 systems.

Template Name
Unique name of the template. Only alphanumeric characters and '_' is
allowed for a template name.
Files/folder to include
List of files and folders to be backed up.
Add
Opens a dialog that lets you browse for and select files/folders to back up.
Delete
Deletes the currently selected file/folder from the list of files and folders to include. Click on an entry in the list to select, then click Delete to remove it.
Templates
Lists the templates that have been created and saved to template.txt. Use the dropdown menu to select a template to edit, or select <New Template> to create a template.
Add Template
Click to add a new template.
Delete Template
Click to delete the currently-displayed template from template.txt.

Specifying scripts to run before and after backup and restore operations.

You may want to perform automated operations before and after a backup run and/or before and after a restore run, such as deleting temporary files, starting or stopping services, or other such operations that can be performed
from a Windows script or batch file. By editing the template.txt file described above, you can specify such scripts to run automatically either before or after a backup run and/or before and after a restore run for a given backup template.

 

Simply add a <PRE_BACKUP_SCRIPT> or <POST_BACKUP_SCRIPT> (or <PRE_RESTORE_SCRIPT> or <POST_RESTORE_SCRIPT>) tag(s) to the template.txt file for a given template. The tag's content is the path to script. For example, the following shows what the code would look like to add pre- and post-backup scripts to the MyTemplate template, which backs up c:\data after running c:\preScript.bat (which takes the input file prebackup.txt as an argument), and then runs postScript.bat:

<MyTemplate>
        <DLE_NAME>MyData</DLE_NAME>
        <DLE_TYPE>USER-DEFINED</DLE_TYPE>
        <FILE_LIST>
                <FILE_NAME>c:\data</FILE_NAME>
        </FILE_LIST>
        <PRE_BACKUP_SCRIPT>C:\preScript.bat prebackup.txt</PRE_BACKUP_SCRIPT>
        <POST_BACKUP_SCRIPT>C:\postScript.bat
postbackup.txt</POST_BACKUP_SCRIPT>
</MyTemplate>


If the prebackup script fails, the backup returns ZWC_ENG_ERR_PRE_SCRIPT (error code 278) . If the  postbackup script fails, the error will be logged and backup status will be success.

If the prerestore script fails, an error is logged. If the postrestore script fails, the restore returns the appropriate error.

Setting the Amanda Server

Click the Server tab to display server settings:

ZWC_conf_ServerName.JPG

Server Name
The Fully Qualified Domain Name (FQDN) of the Amanda Backup server. To specify an IP address instead, you can leave this field blank and use the IP Address field instead.
IP Address
The IP Address of the Amanda backup server.  To specify an FQDN, you can leave this field blank and use the Server Name field instead.
Server List
This drop-down menu lists previously-saved Server Names that you can select for viewing and changing settings.
Add/Delete Server
Lets you save the current Server Name (along with its settings) to the Server list dropdown.
Click Exit to save any changes you have made and exit the ZWCconfig utility.

Changing the Log Settings

 

ZWC_conf_Logging.JPG

Log File Name
The name of the logfile (which will be stored in the \Debug subdirectory of the Zmanda Windows Client Installation directory).
Log Level
Range of 1-5. Increasing the level generates more detailed logs; decreasing the level results in more compact (but less detailed) logs. The default level is 2.
Log File Size (in MB)
Depending on the Log Overwrite setting (see below), when this file size limit is reached, the log file will either be renamed to NLogFileNumber.txt (allowing more recent information to be saved in LogFile.txt) or simply overwritten with newer information. If log rotation is enabled, older files are overwritten after the Log File Count is reached.
Log File Count
When log rotation is enabled (i.e., Log Overwrite is disabled), sets the number of logfiles that can be saved before older files are overwritten with newer log entries.
Log Overwrite
If checked, disables the rotating log feature (in other words, newer log entries will overwrite older entries in LogFile.txt after Log File Size has been reached).
Save
Saves the log settings currently displayed.
Reset
Resets all log settings to their default values.
Exit
Exit the ZWCconfig utility.

Advanced Settings

ZWC_Conf_Advanced.JPG


Data Queue Size
Set the number of buffers allowed within each queue of the ZWC messaging framework. Do not change from the default of 50 unless a different value is recommended by the Zmanda Support Team.
Temporary Directory
Sets the location of temporary files created during backup and restore processes. For Windows Vista, the default is C:\ProgramData\Zmanda; for other windows platforms it is the \Misc subdirectory of the ZWC installati

Certificate to use for encryption
Select the digital certificate to use for encryption/decryption of backup data. The Zmanda Windows Client uses certificate-based Windows Encryption to secure the archive with RC4 encryption. For details on importing/exporting certificates to use for encryption, see Exporting a Certificate to Use for Encryption.

See Enabling Encryption for Windows Backups for details.
Save
Saves the advanced settings currently displayed.
Reset
Resets all advanced settings to their default values.
Exit
Exit the ZWCconfig utility.

When you exit the program, you are prompted to restart the ZWCservice, which is necessary for the configuration changes to take effect.

The Zmanda Windows client service can be also be manually restarted from the Windows services user interface (Administrative Tools > Services). An example services screen is shown below.

Services-applet.jpg

Windows client encryption

ZWC uses industry-standard RSA RC4 algorithm for backup encryption. RC4 is RSA's standard streaming encryption algorithm. ZWC supports Windows PFX (Personal Information Exchange) certificates only.

The backup archive stores all encryption metadata information in encoded form including the certificate that was used to encrypt. The SHA1(secure) hash of the certificate is also stored in the archive.

ZWC can decrypt the backup image only if the encryption certificate (in the same form during backup) is present on the target machine. A renamed certificate of the same form will also be able to decrypt the files. User will be able to view the files (filenames) stored within the archive through Winzip and PKZIP Windows utilities, but will not be able to decrypt through these utilities. Only ZWC can decrypt the backup files.

The certificate to be used for encryption must be in amandabackup user's Personal Certificate Store as well as Trusted Root Certification Authorities. Validation of the backup set will fail if the encryption certificate specified in the backup set is not in the certificate stores. The procedure to add the certificate to certificate store is described in next two sections.

ZWC uses Zmanda key container to manage the private keys associated with amandabackup user. When amandabackup user is deleted or in Disaster Recovery situation, it is important to export the Zmanda key container and import it in the new machine. Exporting/Import Key container section discusses this procedure.

The backup user amandabackup must have “Full Control” permissions on the following folders so that it can create Zmanda key container during backup encryption process.


Windows XP and 2003 server:

C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

Windows Vista, Windows 7 and 2008 server:

C:\Program Data\Microsoft\Crypto\RSA
C:\Program Data\Microsoft\Crypto\RSA\MachineKeys

Enabling Encryption for Windows Backups

Enabling Client encryption requires multiple steps:

  1. Enable compression for the Windows backup set on the ZMC Backup What page for the Windows DLE that needs to be encrypted on the client.
  2. Edit the relevent disklist.conf file on the Amanda server to add the following lines to enable client-side encryption :
encrypt client 
client_encrypt "certificate" 
client_decrypt_option "-d" 

NOTE : This DLE should not be modified using Zmanda Management Console. Modifying this DLE would cause the client encryption changes to be lost.

The method of encryption and further information are included in this Zmanda Knowledgebase article.

Exporting a Certificate to Use for Encryption

The Zmanda Windows client requires a Windows PFX (Personal Information Exchange) certificate to encrypt a backup. Windows PFX files are native certificate formats used in Windows. To export a certificate that the ZWC can use for encryption, follow these steps:

  1. Decide which certificate to be used for encrypting backups. Without the certificate, backups encrypted using the certificate cannot be restored. Please keep the certificate securely as part of backups.
  2. This step is not required if you already have the certificate pfx file. Export that certificate to a location. From the Windows Start menu, click Run and enter

      certmgr.msc

    Find a certificate to export, double-click it, then click Details. Choose the Copy To File option, which will let you select a location for the exported certificate. When exporting the certificate, make sure that:

    -the Yes, export the private key option is checked
    -the Delete Private Key if export is successful option is left unchecked

    After the file has been saved, close the certmgr.msc utility. The exported certificate should be in a folder that is accessible by the amandabackup user.
  3. Log on to the Windows client machine as the amandabackup user and import the certificate by double-clicking it from the file manager. 

Certificate-Import-Wizard.jpg

Double clicking the certificate pfx file will start the Certificate Import Wizard.  The password used to protect the private key must be entered. Make sure the Mark this key as exportable option is selected. See the above screen figure. Place it in a certificate store. It should be in Personal certificate store.

  1. From Windows Start menu, click Run and enter certmgr.msc to browse the certificate store.  Browse Personal Certificate Store certificates (See screen figure below) and copy the imported certificate (right click menu) from the Personal\Certificates folder to the Trusted Root Certification Authorities\Certificates folder to inform the system that the newly imported certificate is a trusted one.

Personal-Certificate.jpg

  1. The certificate to be used for encryption must be in amandabackup user's Personal Certificate Store as well as Trusted Root Certification Authorities. See the screen image below. Trusted-Root-Certificate-Authorities.jpg

You can now specify the certificate in the Zmanda Windows Client Configuration utility's Advanced Options dialog.

 

Exporting and Importing Key container

Encryption Metadata for the association between amandabackup user and the digital certificate used is stored under the Zmanda key container on disk on the backup client machine.It is important to export the key container before uninstalling ZWC on the client machine. Also, this key container will be needed, in the case of restoring encrypted archives on a different  machine.


The exported XML file is needed for disaster recovery and must be backed up. To export and import key containers, .NET framework (version 2.0 or greater) must be installed on the Windows machine. It is usually found under C:\WINDOWS\Microsoft.NET\Framework and Framework64 folders.


To export the Zmanda key container to XML file, run the following command (Windows Start > Run > command):

aspnet_regiis -px “Zmanda” “<Name of XML file to be created>” -pri

 

IMPORTANT: Before importing Zmanda key container from another machine, make sure you have exported Zmanda key container from the current machine. This step is necessary if you are importing Zmanda Key container to a machine that is already performing Amanda encrypted backups. Use the above procedure to export Zmanda key container. To import the Zmanda key container from the XML file, run the following command (Windows Start > Run > command):

 

aspnet_regiis -pi “Zmanda” “<Name of the exported XML file>” -exp

 

 

 

 

 

 

 

You will need to import the exported key container from the current machine, in order to recover from encrypted archives backed up from this machine.

After importing the Zmanda key container, the digital encryption certificates have to be imported for the amandabackup user. This is necessary to recover from encrypted archives.

Compatibility with previous versions of the Zmanda Windows Client

If you have created backup images using Amanda Enterprise edition Windows Client 2.6.1 or older,  the older version of the client is required to recover the files to a Windows machine. Contact the Zmanda Support team for assistance. Alternatively, you can use the current version of Amanda Enterprise to recover the files to the backup server and then move them manually to the client.

Running the Windows Client Support Script

The zwc-support utility collects system log files, log files related to ZWC and system related information. The utility then archives these log files into a single compressed file. You must run the utility as the Administrator. This compressed file can be then sent to the Zmanda Support team for analysis.

Location

The Zmanda Windows Client support utility zwc-support.bat is included with the Zmanda Windows Client. To start the script, click Start->Programs->Zmanda Client for Windows->zwc-support

Files Gathered

The following types of log files are gathered by zwc-support:

Zmanda Windows Client Installation Logs

  • c:\ZWC_install.log
  • C:\Program Files\Zmanda\Zmanda Client for Windows\Debug\LogFile.txt

Zmanda Windows Client Debug Logs:

  • C:\Program Files\Zmanda\Zmanda Client for Windows\Debug\LogFile(n).txt
  • Zmanda Windows Client configuration info

System Logs:

  • System-info
  • Application and System Logs

Additional information:

  • Files and Folders count on all the drives.
  • Environment variables list.
  • MySQL dump

Output File

After the utility is run, an output file with the name zwc-logs-datetimestamp.cab is created in the Zmanda installation directory.