Requirements and considerations for file-level backups
The following are required to run file-level backups:
● You must install a Unitrends agent on the asset. Agent installation procedures vary by operating system. For instructions, see Installing the Unitrends agent.
● You must add the asset to the backup appliance. After installing the required agent, add the asset as described in To add an agent-based asset.
Additional requirements may apply. Review the following topics for details:
Once you've installed the agent, added the asset to the appliance, and reviewed the applicable additional requirements, proceed to Backup Administration and Procedures to set up backup jobs.
Suspend, hibernate, and sleep modes
Protected assets must be awake for the full duration of the backup job.
Maximum file pathname lengths
Some Unitrends agents have a maximum file pathname size limitation. The backup does not include file pathnames that exceed this limit. The following table lists the agents affected by this restriction and the supported maximum file pathname lengths.
|
Unitrends agent |
Maximum file pathname length |
|---|---|
|
Windows |
32 KB |
|
Linux |
4 KB |
|
Solaris |
1 KB |
|
Mac OS X |
1 KB |
Default exclusions from file-level backups of Windows servers
By default, file-level backups of Windows severs exclude certain directories and files. These exclusions are in addition to any exclusions you have applied to the Windows server’s backups.
File-level backups of Windows servers exclude:
● Any mapped network drives
● /RECYCLER
● /$Recycle.Bin
● %TMP%
● %TEMP%
● *.tmp
● *.temp
● %AllUsersProfile%\Microsoft\Network\Downloader\Cache
● %WINDIR%\System32\Config
● %WINDIR%\System32\Catroot2
● %WINDIR%\win386.swp
● Contents of the server’s DataDirectory as specified by the registry key HKLM\Software\Microsoft\Windows
● Contents of the server’s DefaultDataDirectory as specified by the registry key HKLM\Software\Microsoft\Windows
● Files specified by the registry key HKLM\System\CurrentControlSet\Control\BackupRestore\FilesNotToBackup
● Additionally, the following profile directories specified by the registry key HKLM\Software\Microsoft\WindowsNT\CurrentVersion\ProfileList\*\ProfileImagePath\ are also excluded:
● \AppData\Local\Temp
● \Local Settings\Temp
● \Local Settings\Temporary Internet Files
Default exclusions from file-level backups of Linux servers
By default,file-level backups of Linux exclude certain directories and files. These exclusions are in addition to any exclusions you have applied to the Linux client’s backups.
NOTE If you need to include any of the system-excluded directories in your environment, see How to adjust the Linux default exclusion list.
Default Linux directories excluded from backup:
● Any network mounts
● /proc
● /sys
● /var/tmp
● /home/*/.gvfs
● /var/lib/nfs
● /rpc_pipefs
● /lib/modules/*/volatile/*
● /usr/bp/incremental_forever
Additional Windows limitations
The following table describes additional limitations that may apply to your Windows environment.
|
OS or feature |
Limitation |
|---|---|
|
Windows Server 2022, 2019, and 2016 |
The following Windows Server 2022, 2019, and 2016 features are not yet supported: ● Nano Servers (this deployment option does not install VSS components, which are required for agent backups) ● Windows Containers, such as Kubernetes clusters ● Shielded VMs ● Storage Spaces Direct ● Hyper-Converged Infrastructure (HCI) deployments |
|
File server clusters |
For clustered configurations: ● Each node in the cluster must be running agent version 10.6.9 or later. ● Be sure to install the same agent version on all nodes in the cluster. |
|
Multi-point Services Role and RDS User Profile Disks |
The Multi-point Services Role and RDS User Profile Disks are not supported. (You can disable the Multi-point Services Role to run agent backups.) |
|
Windows Storage Server 2008 |
Single Instance Storage (SIS) is not supported and must be disabled to run agent backups. |
|
BitLocker encrypted volumes |
Backup and recovery of BitLocker encrypted volumes is supported only if the Windows LocalSystem account can access the volume. After each reboot of the Windows server, the Windows Administrator may need to manually re-enable access. If the Unitrends Windows agent cannot access the volume during backup or recovery, the job skips the volume and either fails or runs with a warning. Check the backup details for the Windows API error and refer to Microsoft’s documentation for the steps needed to correct the issue. |
|
Continuous Availability File Shares (CAFS) and Cluster Shared Volumes (CSVs) |
In some environments, CSVs must be excluded from backups of Windows 2012 R2 and 2016 servers that use the CAFS feature. If CSVs are included and the backup fails with the following error, use the steps in To protect a Windows server and its CSVs if backups fail with VSS error: (VSS_E_VOLUME_NOT_SUPPORTED_BY_PROVIDER) To protect a Windows server and its CSVs if backups fail with VSS error 1. Add the Windows server to the appliance as described in To add an agent-based asset. 2. Create a backup schedule for the Windows server as described in To create a file-level backup job. In the schedule: ● Exclude all CSVs. ● Include the system state. 3. Create an alias for each CSV as described in Creating aliases for agent-based assets. 4. Add each CSV to the appliance as described in To add an agent-based asset. 5. Create a separate backup schedule for each CSV as described in To create a file-level backup job. In each schedule: ● Include only the CSV volume. ● Exclude the system state. |
Linux maximum UID and GID for 64-bit assets
On Linux assets, each file has a user ID (UID) and group ID (GID) that indicates the user and group that owns the file. On 64-bit Linux assets only, the Unitrends agent enforces a maximum value of 2097151 for these IDs. While backing up a 64-bit asset, the agent resets any UID or GID that is greater than 2097151 back to 0. Resetting these IDs does not prevent backup or recovery of the files.
After recovering a file whose UID or GID exceeded the maximum limit, an administrator can modify the user and/or group ID to its original value.
To prevent this condition on a 64-bit Linux asset, you can configure the maximum UID and GID values by setting the UID_MAX and GID_MAX values to 2097151 in this file: /etc/login.defs.
Exclude active databases from file-level backups
Unitrends recommends excluding active databases from file-level backups. Run application-level backups to protect active databases. For information on application backups, see Application Backups Overview.
NOTE SQL files for system databases (such as master, model, and msdb) are always included to support Windows replicas. Do not exclude these if you will be using Windows replicas for hosted SQL databases.
Some active databases are automatically excluded with file-level backups, as described here:
● Exchange — All transaction log files (.LOG files), the Exchange database (.EDB files), and streaming content files (.STM files) are excluded. See Automatic exclusion of application data during file-level backups.
● SQL — The following extensions are excluded from SQL user databases if the SQL VSS component is running on the Windows asset: .mdf, .ldf, and .ndf. Files in SQL database/log directories are excluded. See Automatic exclusion of SQL data during file-level backups.
Mac OS X SIP directories
Starting with Mac 10.11, Apple introduced a new security feature called System Integrity Protection (SIP). With SIP, the following directories are write-protected: /System, /bin, /sbin, /usr (except for /usr/local), and any default applications in /Applications. Only Apple-signed packages can write to these protected directories.
Unitrends handles these protected directories as follows:
● Backups include the contents of these directories (unless you have explicitly excluded them).
● File-level recovery operations recover all data other than the contents of these SIP directories. If you need to recover SIP-protected files, perform a bare metal recovery instead (as described in the Bare Metal Protection and Recovery Guide).
