NetBak Version 2.5 User Manual Program and Manual Copyright 1992 D & D Software Inc. Portions Copyright 1983-1990 Novell, Inc. All Rights Reserved Files: The following files are included in this package: NETBAK.EXE - the program NETBAK.TXT - this document, the user manual LICENSE.TXT - the license agreement ORDER.TXT - an order form for registering the product All the text files can be printed from the DOS command line in a few minutes by executing the command: COPY *.TXT PRN. Introduction: Doing a complete unattended tape backup of a Novell network presents network supervisors with security problems. Most tape backup software requires that files be closed in order to back them up. This usually means backups are done after normal hours and thus are unattended. In addition the backup is normally done from a workstation, which must be logged into the file server. To access all files on the server, including the all important bindery files, requires the workstation to be logged in as supervisor. Very few supervisors are happy with the thought of leaving an unattended workstation logged in with supervisor rights all night, even if the workstation can be secured in a locked room. That's why NetBak was written. It provides the ability to perform unattended backups with a measure of security not normally available. Once operational, the only absolute daily requirement is to change the tape. This is helpful in situations where the network supervisor will be out of the office for one or more days. We've tried other methods to accomplish the same task and found them lacking. Batch files inevitably require a file with the supervisor's password on the workstation's disk. Hidden or not, such files are easily found by reading the batch file. Utilities that log the workstation out of the server whenever a key is pressed provide good security but prevent the backup from taking place if a key is pressed by accident. With NetBak the workstation is not left in a logged in state. After a simple setup session, the selected password and user name are known to the program but inaccessible to others. Executed from the automated backup program included with many popular tape drives, NetBak first locks the keyboard to prevent unauthorized program interruption and then logs into the file server using the user name and password you have provided during setup. It executes the tape commands you have specified in a plain text file and incorporated into NetBak and generates a log to both disk and screen, providing the start and stop time of each command it executes. After all commands have been executed, it logs out of the file server and unlocks the keyboard. Installation: Copy NETBAK.EXE to a directory on your workstation's hard or floppy disk. This can be the directory where your tape software is located or any other directory as long as it is part of your normal search path. Create a script file in the same directory as NETBAK.EXE with any editor that produces plain ASCII text files. At the beginning of this file, enter the MAP commands required to achieve a backup with any tape software that uses drive letters. NetBak does not execute any network script files when logging into the server and therefore does no drive mapping except through your scripts. Then enter your tape backup commands, one command per line. The maximum command line length is 127 characters, a DOS limitation. The format of these commands should be exactly the same as you would enter on the DOS command line if you were executing a manual backup. Note that any line beginning with a semicolon will be ignored. Use the semicolon to add comments to your file. Once satisfied save the file and exit the editor. Please note that a script file can not exceed 2,000 bytes. If in doubt check the file length with DOS' dir command. You may wish to test the script by temporarily renaming it to a bat file like xxx.bat, manually logging into the fileserver and executing XXX to see if there are any problems. Example scripts for several popular tape drives follows. The examples assume a two volume file server with the user mapped to each volume under drive letters G: and H: and request a verification pass after the backup. Please consult the manual accompanying your tape software for further information. Colorado Memory Systems' drives: ; set drive mapping on server F: \PUBLIC\MAP G:=SYS: \PUBLIC\MAP H:=VOL1: ; go to directory with tape software C: CD \TAPE ; backup sys, any errors redirected to error.txt file TAPE BACKUP G:\*.* /-A/C/I/J/K/-P/S/T="SYS BACKUP" > ERROR.TXT ; backup vol1, errors also redirected TAPE BACKUP H:\*.* /A/C/I/J/K/-P/S/T="VOL1 BACKUP" >> ERROR.TXT Mountain Tape drives: F: \PUBLIC\MAP G:=SYS: \PUBLIC\MAP H:=VOL1: C: CD \MTN_TAPE TAPE SBK G:\*.* /S /NSYS /LSYS /C /-A TAPE SBK H:\*.* /S /NVOL1 /LVOL1 /C /A NetBak can support two different scripts, allowing you to do things like an incremental backup for most of the week and a full backup at the end of the week. If you wish to take advantage of this feature, prepare a second script in the same manner as the first. Setup: After loading the network shell files, run NetBak manually from the DOS command line the first time and it will request the name and password of the user to be logged in for the backup session. It will also ask for the drive letter where the network login directory can be found (normally drive F:). To assure a complete backup enter the supervisor's password and accept SUPERVISOR as the default user name. For additional security you can avoid using the supervisor password by creating another user with supervisor equivalence on the network using Novell's SYSCON program and limit the user's access to one workstation and specific night time hours. Enter this user's name and password into NetBak. During the setup process the unique station number of the workstation's network interface card is also retrieved and remembered by NetBak. This provides an additional measure of security in that the program can not be executed on a workstation unless the station number matches that of the machine it was setup on. Subsequent to the first run, NetBak can be invoked with the "/s" command line switch (i.e. NETBAK /S) when you wish to change the current password, user name or network login drive. You will be prompted for the old password before any changes can be made. If you relocate your tape backup to a different workstation, run NETBAK /S without changing anything to update the station number. To incorporate your scripts run NetBak with the "/i" command line option (i.e. NETBAK /I). You will be asked for the password and if correct the name of the script file and whether you wish it to be script #1 (this is the default script NetBak will normally execute unless NetBak is run with the /2 option) or script #2. The commands in the script file will then be incorporated. This step must be completed for at least one script or else NetBak will not perform and exit with the error message, "No commands were found". If you change your scripts at a later time, executing NETBAK /I will allow you to overwrite the old ones after you supply the password and confirm that you wish to overwrite. NetBak must be able to locate COMMAND.COM to execute it's commands. One way of accomplishing this is to have a copy of COMMAND.COM at the workstation and the COMSPEC variable set to point to this file. Even better is to not use COMSPEC anywhere, including the file server AUTOEXEC.BAT file. Finally, activate your tape software's unattended backup program and choose the days and time for your unattended backups. Enter NETBAK or NETBAK.EXE as the program to be executed. Include any command line options you wish to use (e.g. NETBAK /A2). You may instead enter the name of a batch file containing the NETBAK command, depending on your needs and possible limitations of the tape software. Log File: The activity log is shown on screen at the end of each session and is also stored in a file named NETBAK.LOG. This file will always be created in the same directory NETBAK.EXE is located. You can examine this file by using the DOS "type" command (i.e. type netbak.log). Normally only the current session is stored in the log; however, you can cause it to accumulate all subsequent sessions by always invoking NetBak with the "/a" command line switch (i.e. NETBAK /A). The log is helpful in determining how long each of your commands took to execute. It should also be examined when things go wrong for error messages and for tape program malfunctions, normally indicated when the backup time differs radically from previous sessions. If you do not wish the log to be displayed on screen at the end of a session, use the "/n" command line option when executing NetBak. Other Options: If you would like to make sure that the workstation shell is loaded and the file server is running, manually execute NetBak with the "/c" command line switch (i.e. NETBAK /C). This will check for the presence of IPX.COM and NETx.COM on the workstation and make sure the server is available without executing any scripts. To get a screen listing of all valid command line options, execute NETBAK /H from the DOS command prompt. Multiserver Version: In addition to the regular, single server version, we offer a multiserver version which is capable of handling up to eight Novell fileservers connected together as an internetwork. This version should be selected by those who expect to backup multiple servers with a single tape unit during the same NetBak session. Evaluation copy: Prior to payment of the registration fee, the program always starts with a screen requesting that you register and holds until a key is pressed. Both the screen and required keystroke are eliminated with the registered version of the package. While you can not do a completely unattended backup with the evaluation version (you have to be there to provide the required keystroke), you can examine and test the program to see if it meets your needs and decide if you wish to register or discard the software. Registration: Upon payment of the registration fee you will receive a disk containing the most recent registered version of NetBak, a printed manual and a variety of other utilities written by D & D Software, along with a registration number to use for preferred upgrade pricing on future versions and access to our free technical support. We have included a simple order form in the accompanying order.txt file. Please print and use the form for all registrations. Mail your remittance and order form to: D & D Software Inc. 809 Jackson Avenue Lindenhurst, NY 11757 Comments: Any suggestions on this program (all constructive comments appreciated) can be sent by Compuserve Mail to 70406,1163 or phoned (voice) to (516) 957-2448 (9 A.M. - 5 P.M. Mon. - Fri. Eastern) or mailed to the above address. License: See the accompanying file, license.txt, for license provisions.