Over the life cycle of a Microsoft Windows operating system, you may have to restore a system state backup that is installed on one computer to the same physical computer or even to a different physical computer. Recovery from the following events may require a restore operation:
- hardware failure
- software failure
- computer theft
- natural disaster
- user error
You can restore a system state backup from one physical computer to the same physical computer or another computer that has the same make, model, and configuration (identical hardware).
Microsoft does not support restoring a system state backup from one computer to a second computer of a different make, model, or hardware configuration. Microsoft will only provide commercially reasonable efforts to support this process. Even if the source and destination computers seem to be identical makes and models, there may be driver, hardware, or firmware differences between the source and destination computers.
This article describes how to create a system state backup on one computer and restore it to the same computer or to a different physical computer of the same make and model. If you do not follow the steps in this article, you will reduce the probability of success when you restore to different hardware.
Windows Server 2003 Server
To restore Windows Server 2003-based computers , the preferred method of recovery is to use the Automated System Recovery (ASR) feature. ASR automates the whole restore process. This process produces the most reliable result.
The source computer is defined as the computer that you used to create the system state backup. The destination computer is the computer where you will restore the backup.
The following guidelines must be followed for the restore operation to succeed.
Hardware Abstraction Layer (HAL)
The source and destination computers must use the same type of HAL. There is one exception to this rule. If one of the computers contains the Advanced Configuration and Power Interface (ACPI) multiprocessor HAL, the other computer can have the ACPI uniprocessor HAL. The same rule applies to MPS multiprocessor and MPS uniprocessor HALs.For example, if the source is using the MPS multiprocessor HAL, you can restore data to a destination computer that uses the MPS uniprocessor HAL. However, you cannot restore data to a destination computer that uses the ACPI multiprocessor HAL.
Note If the destination computer's HAL is compatible, but not identical, to the source computer's HAL, you must update the HAL on the destination computer after you finish the restore. For example, if the source computer has a single processor and is using the ACPI uniprocessor HAL, you can restore a backup from that computer to a multiprocessor destination computer. However, the destination computer will not use more than one processor until you update the HAL to an ACPI multiprocessor HAL.
To determine the computer HAL type that you are using on each computer, follow these steps:
- Click Start, point to Settings, click Control Panel, and then click System.
- On the Hardware tab, click Device Manager, and then expand the Computer branch.
- ACPI multiprocessor computer = Halmacpi.dll
- ACPI uniprocessor computer = Halaacpi.dll
- Advanced Configuration and Power Interface (ACPI) computer = Halacpi.dll
- MPS multiprocessor computer = Halmps.dll
- MPS uniprocessor computer Halapic.dll standard computer = Hal.dll
- Compaq SystemPro multiprocessor or 100% compatible = Halsp.dll
Operating system version
The source and destination computers must use identical operating system versions and identical Windows stock-keeping units (SKUs). For example, you cannot back up Microsoft Windows 2000 Server and then restore it on a computer that is running Windows 2000 Advanced Server. Also, the source and destination computers should both use retail versions of Windows or should both use the same OEM version of Windows. The best practice is to install Windows on the destination computer by using the same installation media that you used to install the source computer.
Filter drivers
Uninstall third-party filter drivers on the source computer before you perform the backup. These kinds of drivers can cause problems when the backup is restored to a different computer.Windows folder and disk layout
The destination computer must use the same logical drive letter (%systemdrive%) and path (%systemroot%) as the source computer. For domain controllers, the locations of the Active Directory directory service database, Active Directory log files, FRS database, and FRS log files must also be identical for the source and destination computers. For example, if the Active Directory database log files on the source computer were installed on C:\WINNT\NTDS, the destination computer must also use the C:\WINNT\NTDS path.
Hardware
If you remove any hardware on the destination computer that is not required to complete the restore process, you increase the probability of a successful restore operation. For example, physically remove or disable all except one network adapter. Install or enable the additional adapters after you restart the operating system after the restore operation.Hotfix and service pack level
For Windows 2000 computers, hotfix 810161 or Windows 2000 Service Pack 4 must be installed on the source computer before you back up data. These items must also be installed on the destination computer before you restore the backup. Windows Server 2003 and Windows XP have no hotfix or service pack level requirements for this kind of restore operation.For Windows Server 2003, Windows XP, and Windows 2000
For client and member server computers, follow these steps to back up the Windows installation and restore it to a different computer. (A member server is any server that is not a domain controller.)- On the source computer, log on by using the administrator account, and then stop all noncritical services and services that you typically stop before you perform a backup. This may include any service that puts locks on files. This includes antivirus, disk scanning, and indexing services.
- On the source computer, verify that the TCP/IP start value is set to 1. This value is located in the following registry subkey:
Value Name Start
Value Type REG_DWORD
Value Data 1
- On the source computer, use Windows Backup to back up the system drive, the system drive subfolders, and the system state.
- On the destination computer, perform a new installation of Windows by using the same operating system version as the source computer. Make sure that you install the operating system in the same drive and path that was used on the source computer. For example, if Windows is installed to C:\WINNT on the source, you must install to the same location on the destination computer
- After the new installation is complete, log on to the destination computer as Administrator. By using Disk Management, create, format, and assign drive letters to any additional volumes that may be required to hold a system state component. Make sure that all drive letters match those of the source computer. Disk space for volumes on the destination computer should be as least as large as corresponding volumes on the source.
- On the destination computer, create a C:\Backup folder. Put a copy of the C:\Boot.ini file and the whole %systemroot%\Repair folder, including all of its subfolders, in the C:\Backup folder for use in step 8. The Boot.ini file is in the root of the system partition (typically, C:\Boot.ini). The Repair folder is generally in the C:\WINNT\Repair folder or in the C:\WINDOWS\Repair folder.
- To restore the backup on the destination computer, follow these steps:
- Click Start, click Run, type ntbackup, and then click OK.
- On the Tools menu, click Options, click the Restore tab, and then click Always replace the file on my computer.
- Restore the system state from the backup that you performed earlier. Make sure that you select the option to restore to the original location.
- After the restore operation is complete, but before you restart the destination computer, follow these steps:
- Copy the Boot.ini file from the c:\Backup folder that you created in step 6. Copy the Repair folder and its subfolders from the C:\Backup folder to the %systemroot%\Repair folder.
- Reinstall the destination computer's hard disk controller drivers if third-party drivers are being used.
- Verify that the source computer is turned off, disconnected from the network, or has been reinstalled by using a different computer name and IP address. (If the source computer had a static IP address, the destination computer will have that same static IP address after the restore operation.)
- Restart the computer, and then verify that it is functioning correctly.
If the restored computer was a member computer or member server, test the security channel by using the NLTESTcommand:
NLTEST /SC_QUERY:<DomainName>
If SC_QUERY reports a failure condition, reset the security channel by using the following command:
NLTEST /SC_RESET:<DomainName>
If the destination computer is a member computer or member server, you may have to reset its security channel with the domain, depending on how recently the backup occurred. When you run the netdiag /test:trust command, the security channel relationship test will fail if the security channel is broken. The netdiag command is available when you install the Support Tools on the Windows installation media.
If the trust relationship test fails and indicates a failed security channel, you can run the netdom command on the destination computer to reset the channel. The netdom command is also available in the Support Tools. To reset the security channel, use the following netdom command:
netdom reset Destination computer /domain:domain_name usero:admin_user
/passwordo:admin_user_password
Note Destination computer is the destination computer. domain_name is the name of the domain. admin_user is the user who is a member of the administrator group. admin_user_password is the password of the user account.
For Windows Server 2003, Windows XP, and Windows 2000
For client and member server computers, follow these steps to back up the Windows installation and restore it to a different computer. (A member server is any server that is not a domain controller.)- On the source computer, log on by using the administrator account, and then stop all noncritical services and services that you typically stop before you perform a backup. This may include any service that puts locks on files. This includes antivirus, disk scanning, and indexing services.
- On the source computer, verify that the TCP/IP start value is set to 1. This value is located in the following registry subkey:
Value Name Start
Value Type REG_DWORD
Value Data 1
- On the source computer, use Windows Backup to back up the system drive, the system drive sub-folders, and the system state.
- On the destination computer, perform a new installation of Windows by using the same operating system version as the source computer. Make sure that you install the operating system in the same drive and path that was used on the source computer. For example, if Windows is installed to C:\WINNT on the source, you must install to the same location on the destination computer.
- After the new installation is complete, log on to the destination computer as Administrator. By using Disk Management, create, format, and assign drive letters to any additional volumes that may be required to hold a system state component. Make sure that all drive letters match those of the source computer. Disk space for volumes on the destination computer should be as least as large as corresponding volumes on the source.
- On the destination computer, create a C:\Backup folder. Put a copy of the C:\Boot.ini file and the whole %systemroot%\Repair folder, including all of its subfolders, in the C:\Backup folder for use in step 8. The Boot.ini file is in the root of the system partition (typically, C:\Boot.ini). The Repair folder is generally in the C:\WINNT\Repair folder or in the C:\WINDOWS\Repair folder.
- To restore the backup on the destination computer, follow these steps:
- Click Start, click Run, type ntbackup, and then click OK.
- On the Tools menu, click Options, click the Restore tab, and then click Always replace the file on my computer.
- Restore the system state from the backup that you performed earlier. Make sure that you select the option to restore to the original location.
Note To have access to all removable media (tape or magneto-optical disk) from the source computer after the restore operation is complete, you must click Restore Removable Storage Database under the Advanced button before you start the restore operation.
- After the restore operation is complete, but before you restart the destination computer, follow these steps:
- Copy the Boot.ini file from the c:\Backup folder that you created in step 6. Copy the Repair folder and its subfolders from the C:\Backup folder to the %systemroot%\Repair folder.
- Reinstall the destination computer's hard disk controller drivers if third-party drivers are being used.
- Verify that the source computer is turned off, disconnected from the network, or has been reinstalled by using a different computer name and IP address. (If the source computer had a static IP address, the destination computer will have that same static IP address after the restore operation.)
- Restart the computer, and then verify that it is functioning correctly.
If the restored computer was a member computer or member server, test the security channel by using the NLTESTcommand:
NLTEST /SC_QUERY:<DomainName>
If SC_QUERY reports a failure condition, reset the security channel by using the following command:
NLTEST /SC_RESET:<DomainName>
If the destination computer is a member computer or member server, you may have to reset its security channel with the domain, depending on how recently the backup occurred. When you run the netdiag /test:trust command, the security channel relationship test will fail if the security channel is broken. The netdiag command is available when you install the Support Tools on the Windows installation media.
If the trust relationship test fails and indicates a failed security channel, you can run the netdom command on the destination computer to reset the channel. The netdom command is also available in the Support Tools.
To reset the security channel, use the following netdom command:
netdom reset Destination computer /domain:domain_name
usero:admin_user/passwordo:admin_user_password
Note Destination computer is the destination computer. domain_name is the name of the domain. admin_user is the user who is a member of the administrator group. admin_user_password is the password of the user account.
Windows domain controller installation
For Windows Server 2003, Windows XP, Windows 2000
- On the source computer, log on by using the administrator account, and then stop all noncritical services and services that you typically stop before you perform a backup. This may include any service that puts locks on files. This includes antivirus, disk scanning, and indexing services.
- On the source computer, verify that the TCP/IP start value is set to 1. This value is located in the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip
Value Name Start
Value Type REG_DWORD
Value Data 1
- Use the Windows backup tool to back up the system drive and the system state. For Windows 2000, if Sysvol resides on a drive other than the system drive, you must also back up that folder and all subfolders. For example, if Sysvol is located in the D:\Sysvol folder, you must back up the system drive, the system state, and the D:\Sysvol folder.
- Perform a new installation of Windows on the destination computer by using the same version of Windows as the source computer. Make sure that you install Windows to the same location as on the source computer. For example, if Windows is installed to the C:\WINNT folder on the source, you must install Windows to the same location on the destination.
- After the new installation is complete, log on to the destination computer as an administrator. By using Disk Management, create, format, and assign drive letters to any additional volumes that may be required to hold a system state component or an application. Make sure that all drive letters match those of the source computer.
- On the destination computer, create a C:\Backup folder. Put a copy of the Boot.ini file in that folder, in the %systemroot%\Repair folder, and in all the subfolders of the Repair folder. The Boot.ini file is in the root of the system partition. (This folder is typically the C:\Boot.ini folder.) The Repair folder is typically in the C:\WINNT\Repair folder or in the C:\WINDOWS\Repair folder.
- If the source computer is the only domain controller for the domain, reinstall Windows on the source computer, or disconnect it from the network, before you restore the backup to the destination computer. We recommend those steps, because it is too easy for someone to turn the source computer back on. If someone turns on the source computer, name conflicts or other problems with the destination computer occur.
- If the source computer is not the only domain controller for the domain, use the Active Directory Installation Wizard to remove Active Directory from the source computer. Then, either reinstall Windows on the source computer, or disconnect it from the network .
- When you have confirmed that the source computer and the restored destination computer are not online at the same time, restore the backup by following these steps:
- Click Start, click Run, type ntbackup, and then click OK.
- On the Tools menu, click Options, click the Restore tab, and then click Always replace the file on my computer.
- Restore the system state and the system drive from the backup that you performed earlier. For Windows 2000, you must also manually select the Sysvol folder to be restored. The system state includes Sysvol. However, there is an issue in Windows 2000 that prevents the Sysvol junction points from being restored correctly if you restore only the system state. Make sure that you select the option to restore to Original location.
- After the restore operation is complete, but before you restart the destination computer, follow these steps:
- Replace the Boot.ini file and the %systemroot%\Repair folder that has the copies that you made in step 6.
- Reinstall the destination computer's hard disk controller drivers if third-party drivers are being used.
- In the TCP/IP settings, verify that the computer is configured to use a Domain Name System (DNS) server that is authoritative for the domain and that is currently online. Do not configure the server to use itself for DNS because the DNS records in the backup may no longer be valid. When the restore operation is complete, and when you have verified that the destination computer is functioning correctly, you can configure the server to use itself for DNS.
- If the destination computer will be the first or only domain controller for the domain, follow these steps to authoritatively restore the File Replication Service (FRS). This step must also be complete before the first restart after the restore operation is complete.
Warning Do not follow these steps if there are existing domain controllers in the domain.
- Click Start, and then click Run, type regedit, and then press ENTER.
- Locate the following registry subkey:
- HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Replica Sets
- Expand Replica Sets, identify the subkey that refers to the replica set DOMAIN SYSTEM VOLUME (SYSVOL SHARE).
- Then find the subkey of the Cumulative Replica Sets subkey that matches the name of the subkey from the previous step.
- Expand Cumulative Replica Sets, click the subkey that represents the Sysvol replica set, double-click BurFlags.
- In the Edit DWORD Value dialog box, type D4, and then click OK.
- Restart the computer.
- Restart the computer and verify that it is functioning correctly by using the dcdiag and netdiag commands. For more information about how to use the dcdiag command, click the following article number to view the article in the Microsoft Knowledge Base:
265706 Dcdiag and netdiag in Windows 2000 facilitate domain join and DC creation
If there are existing domain controllers in the domain, you may have to reset its security channel, depending on how recently the backup occurred. If the security channel is broken, the netdiag /test:trust command will indicate that the trust relationship test failed. If the trust relationship test result indicates that the test was skipped, you can safely ignore the results. This result indicates that the computer that you are running the test on has the PDC emulator operation master role.
If the trust relationship test fails, you have a failed security channel. To fix this, run the netdom command on the destination computer to reset the security channel. To reset the security channel on a domain controller by using thenetdom command, follow these steps:
- Stop the Kerberos Key Distribution Center (KDC) service, and set it to Manual startup.
- Run the following command to reset the security channel:
netdom resetpwd /server:replication_partner_server_name /userd:domain_name\admin_user/password:admin_user_password
Note replication_partner_server_name is the name of the replication partner server. The command must be running locally on the destination computer.
- Restart the computer, start the KDC, and then set it back to Automatic startup.
- Make sure that you verify that replication is working if there are existing domain controllers in the domain.
Troubleshooting
After you restart the destination computer, you may experience the following symptoms:You receive one of the following Stop error messages:
- Stop 0x0000007B Inaccessible_Boot_Device
- STOP: 0x00000079 Hal_Mismatch
- The computer stops responding at startup.
- The computer that is running Windows Server 2008 crashes on startup. This occurs when the source HAL and the target HAL do not match.
- The computer spontaneously restarts when you receive the following message on a black screen early in the restart process:
- Starting Windows 2000
- You cannot configure your display settings.
- The network adapter does not function correctly.
To resolve issues with the display settings or with a network adapter, remove the graphics adapter or the network adapter from Device Manager, and then restart the computer. Windows will redetect the device and possibly prompt you for drivers.
To resolve the problem when the source HAL and the target HAL under Windows Server 2008, follow these steps:
- Click Start, right-click Command Prompt, and then click Run as administrator.
- Run the following command: bcdedit /set GUID_identifier detecthal yes
- To resolve the Stop error or the problem where a computer stops responding, perform an in-place upgrade of Windows.
