Archive for March, 2010

Checking Backup Jobs in Atempo’s Time Navigator

Wednesday, March 31st, 2010

Time Navigator is a powerful enterprise level backup software suite. It is also one of the most complex backup software you can manage.

In order for an ADB to be successful you need to check the following:

  • Whether the scheduled backups were successful or not.
  • If they were unsuccessful is intervention required?
  • Check the available storage for future backups
  • Did test restore succeed or not
  • Are Critical files backed up?
  • General log review

Section 1. Check whether the scheduled backup was successful

To begin you need to know the username and password for the local user on the host computer, which needs to have admin rights, as well as the username and password for the tina catalog.

Step 1: Open the Time Navigator Administrative Console.
On Mac it is /Applications/Atempo/tina/Administrative Console
On Windows c:\Program Files\Tina\Administrative Console

When the Administrative Console starts it will initiate a connection to the Time Navigator Catalog indicated in the config files.

It will prompt you for a username and password. Once you enter the proper username and password you will gain access to the Administrative Console.

This program interface is the main access point to the various programs that let you control Time Navigator.

Step 2. Choose the “Monitor” menu list and select “Job Manager” this will open the Time Navigator Job Manage. The initial view will show all active jobs. Go to the View menu and choose “Historic” this will show past jobs.

From here you will be able to review the recent backup jobs to find out whether they were successful or not.

Section 2. If the backups were unsuccessful do they require intervention?

Determining whether intervention is required is largely diagnosed by the reasons of a backup failure.

From within the Job Monitor you can select a job from the historic menu and double click it to access the job detail window.

From this window you will have access to several tabs. The tab of interest here will be the one called “Events”. This is a filtered view of the logs so it shows only the log entries that are connected to this job number.

To make the determination of whether intervention is warranted requires some knowledge of the errors you find. To that end the errors are color coded. Yellow errors are considered minor and are likely to be overlooked if they are the only errors present. While Orange and Red errors are higher priority and should warrant the attention of a tech trained in Time Navigator.

Section 3. Check the available storage capacity for future backup executions.

Time Navigator treats all forms of storage as tape a tape library. Your backup destination will either be a Virtual Tape library, in the case of backing up to hard drives, or to a specific physical tape library.

This means that we will need to view the Library Manager application.

Start with the Admin Console. Choose the host for which the library is attached. ( all libraries are attached to a host ) Select the host icon with the mouse and choose the “Devices” menu from there choose “Library” then “Operations” then “Management”

This will spawn the Library Manager application. You will be presented with a dialogue containing a list of available Libraries.

Once chosen you will get a window that shows the number of drives ( virtual or real ) and the tape cartridges in their slots ( also virtual or real ) by this display you will be able to determine which tapes have been used and which are free for use.
If a cartridge has been used it will be labeled for the tape pool in which is belongs too. If it is free for use it will be labeled either SPARE or ????? or in rare cases. Lost & Found. Lost & Found cartridges should be reported to the administrator.

A comprehensive determination of how much space is left would take some math. Know how much each tape represents and how much data is backed up nightly etc…

A quick version to keep in mind is percentages. If there is less than 10% free available cartridges it might be worthwhile to notify the administrator. It will take some experience to tell whether this is a problem or not as some tapes can hold hundreds of gigs and two tapes might take months to fill.

Section 4. Test Restore. Success or Failure.

This section implies that you will attempt a restoration of some files.
FIle restoration with Time Navigator is both its most powerful feature and most complex in comparison to other backup software.

First a word about the process. While it is true that the Administrative Console and associated applications can be run on any computer that participates in the Time Navigator backup system. The Restore and Archive Manager application will attempt to make a connection to the host from which files were backed up. Which means you will need credentials for that host which allow read write access to the directories which were backed up. To this end it is often simpler to open the Administrative Console on the host in question before you open the Restore and Archive Manager application.

To restore files from the backup of a host you will need to select the host from the Administrative Console. From the “Platform” menu choose “Restore and Archive Manager”. You will then be challenged for a username and password for the host in question.

Once you have entered legitimate credentials for the host you will be presented with the window for the Restore and Archive manager. It will show the host name and the username by which you are connecting. It will also show you the complete file system on this host in expandable trees. Each element with a check mark box beside it

Furthermore this view will show you the file system in the present and the capacity to show the file system at some point in the past.

This element is where the program gets its name. The “Time Navigator” allows you to navigate through time to look at the file system and select file for restoration.

The idea here is that you know what time period you are looking for. You select the date beside the “past” radio button and it will then show you what files are available for that time period.

The second feature shown on this interface is the ability to isolate files that have been deleted. Meaning you have the ability to adjust the view to show files that were present in the past but are not present now. Spanning back an arbitrary amount of time as determined by the form element for days, weeks, months etc…

While this is very useful it will not filter out non deleted files. Meaning you have to know what directory you want to look in before this becomes useful.

A third, and in my opinion the most useful, method of restoring files is called versioning.
If you right click ( control click ) on a file that has been backed up, you will be presented with a contextual menu with the word “versions”

Once selected it will open a dialogue window with every version of the file that is currently within the backup catalog.

Once you have selected a file from that list you will need to select the “synchronize” button at the bottom of this versions dialogue. This will set the past date and time marker to the point in time where this file was backed up. You can then check mark the file to be restore.

FInally you can search the catalog for files form this host. While within the Restore and Archive Manage choose the “Backup” menu and choose find.

You will be presented with the search interface with the current host already selected as the search base. From here you can search by pathname, filename and how far back in time to search and how many results to show

The search forms will accept wildcards for more creative searching. Once a file is located in the results window you will need to select the “synchronize” button at the bottom in a manner similar to the versions window mentioned above.

RESTORING.

All of the above techniques are methods of locating the files you wish to restore and putting check marks besides them. Now it is time to restore them

Once you have all the files you wish to restore check marked we can proceed.
We will accomplish this with the “Restore” menu item. If there is any question as to what you have selected for backup, there is the option here to “view checked objects” This will filter the view to show only objects that have been check marked for restoration.

Next we can choose to test the backup or Run the backup. If there is any question as to whether the media for a file is available you should run it as a test first.

When you select test you will be greeted with a warning dialogue that says that this operation will perform all operations except for the writing of data itself. This means drives and or tape cartridges will be engaged and network throughput will be used.

After you agree the restore dialogue will show. You will have to tabs to choose from.
The first of which is labeled “Parameters”.

From here you can choose whether to restore the files to their original locations or to a new location on the same file system ( if you wish to restore to another host, it is possible but it is not covered here )

Now you must choose what level of backup you wish. Here you are presented with several radio dials that allow you to choose whether to restore data with or without directory and object information. This may seem like a splitting hairs but in some environments it is nice that your backup system can restore the user permissions for objects in your directory tree instead of just restoring everything.

The checkmark box for “restore all file versions” will restore everything int he “versions” list discussed above. Not used very often,

Now to the second tab “Behavior” the first selection to be made here is what behavior to choose should there already be a file with the same file name at the destination path.

You will see options for restore the file and overwrite, to renaming either the existing file or the restored file or do not restore if certain conditions are met.

Keep this in mind. If you need to restore a large number of files and you don’t know whether you should overwrite existing files, you should restore it in a neutral location and review it by hand.

If an error occurs while Restoring files. Skip? Cancel? Ask user? This selection will be important if you are monitoring the process. If you are not monitoring and you choose skip. You will need to review the logs, you choose cancel. you could come back to very little data being restored.

Finally the section “if required cartridges are off-line”
you run into this if you are dealing with physical tapes that are no longer within the library.

Issue Operator Requests for each missing cartridge. Which means the software will bug you each time a tape is missing.
Ignore files indicated on those cartridges. Self explanatory.
Cancel
Display offline cartridge list. This is the one I have learned to check, It will check the availability of the tapes within the current library listing. Which means if you put new tapes in you have to scan the bar codes before this list updates. This method avoids a lot of headaches and is my recommendation of you are dealing with physical tape.

Finally you get to press restore. Where you will be presented with the dialogue for the restore process. You will see the progress bar, the path of files being restored and the option to monitor restore events.

If after all of this you have problems restoring you should contact a Time Navigator Admin.

Section 5. Did critical files backup.

At first glance this is similar to “did backups succeed” You can backup the system state for windows servers which are critical files but you should also check to see if the catalog for Time Navigator is being backed up. In the administrative console there is a host icon which will be called CATALOG. It is very important that this get backed up nightly. If this file becomes corrupt or non functional. The entire backup is effectively lost. A good Time Navigator tech can spend a huge amount of time to pull data from the tapes.

Section 6. General Logs Review

This section covers looking for things that look weird. From the Administrative Console choose Monitor Events.

This will open the event monitor and if you see errors like, Environment error or catalog error. Then it needs to be reported.

10.6.3 Is Out

Monday, March 29th, 2010

For those who have had issues with Samba saving to file shares hosted on Windows Server, EMC or NetApp targets from within Microsoft Office (amongst other minor issues), you’ll be happy to note that Mac OS X 10.6.3 and Mac OS X Server 10.6.3 are now available for download. You can run softwareupdate to pick up the updates, or to download the updates manually see the links below:

Mac OS X Client
Mac OS X Server

WordPress 3.0 on the Horizon

Wednesday, March 24th, 2010

According to the current project schedule, WordPress 3.0 will hit the release candidate milestone next month, with a target release date of May 1, 2010. Lots of people have been writing about the new features of this release, but here are some of the highlights from the official list:

  • The merge with WordPress Multi-User (and multisite capabilities)
  • Better support for custom post types
  • Better menu management
  • New default theme “Twenty Ten” (preview here)
  • Custom Navigation
  • Custom Backgrounds
  • Choose username for the first account, rather than using ‘admin’
  • New template files for custom post types
  • Author specific templates
  • jQuery updated to 1.4.2

The code merge between “normal” WordPress and WordPress MU is a major undertaking. This will also allow BuddyPress to officially be installed on non-multiuser sites. The new default theme and ability to easily modify backgrounds should allow non-designers to create a nice custom site without having to know too much about theme design. The WooNav addition looks great and the elimination of the default admin user is something we talked about in our last post on WordPress security.

This will be a major release that should be tested in a non-production environment before being deployed on your server. 318 will be ready to help you with this upgrade when it’s released – call us at 877.318.1318 to schedule an appointment today!

WordPress Security Auditing

Thursday, March 11th, 2010

After reading Sarah Gooding’s WPMU.org article, 7 Quick Strategies to Beef Up Your Security, we decided to take a look at our own WordPress settings here on the 318 Tech Journal.

Deleting the Default Admin User

Creating a new user with admin permissions, then logging in as that user and deleting the default “admin” account is great advice. Just make sure you assign all of the old admin users posts and links to the new account. Another caveat, if you are using the WPG2 plugin with a Gallery2 installation, make sure to remove the Gallery2 user links before deleting the old admin account.

Don’t Use the Default “wp_” Table Prefix

SQL injection attacks are very real, and this tip can help mitigate risk of infection. The WP Security Scan plug-in mentioned in the WPMU.org article has a built-in tool to help automate this change, but it can also lock you out of your dashboard. The trick is to make sure each user’s meta_key settings in the usermeta table match whatever prefix you choose:

wp_capabilities –> newprefix_capabilities
wp_usersettings –> newprefix_usersettings
wp_usersettingstime –> newprefix_usersettingstime
wp_user_level –> newprefix_user_level

Whitelisting Access to wp-admin by IP Address

This is typically done via .htaccess files and the AskApache Password Protection For WordPress plug-in mentioned in the WPMU.org article can help get the settings correct, although that plug-in has specific server requirements in order to run (it will run some tests for you to see if your server qualifies). If you do set this up, beware of dynamic IP address changes, which can lock you out in the future.

Other Items to Consider

  • Consider using a local MySQL application like Sequel Pro or the command line mysql tools for database configuration instead of public web-facing tools like phpMyAdmin. If you do use PMA, you should lock down access as much as possible using .htaccess controls (or other methods).
  • Tools like the WP Security Scan plug-in mentioned above or Donncha O Caoimh’s WordPress Exploit Scanner plug-in can help identify file permission issues in your WordPress setup.
  • Using SSH/SFTP instead of FTP to access your server is always good advice, even when you are using whitelists.
  • Stay up to date on both WordPress core files and all of your plug-ins.

318 is here to help you with all of your WordPress needs – call us today at 877.318.1318!