Recovering Deleted/Lost/Missing Data From Novell Servers
This paper discusses data loss from Novell server disks along with methods to recover and restore the lost data.
Effective recovery of lost data requires an understanding of data management techniques used by NetWare …quot; this includes understanding NetWare file systems and NetWare volume types. Basic awareness about various data loss scenarios along with NetWare’s built-in defense mechanisms against data loss is also required.
In instances of data loss, it is recommended that the affected server disk not be used further and be immediately disconnected…quot; the correct way to recover data from failed disks is to connect these disks to healthy working disks and initiate the recovery process from the healthy disks. Thorough knowledge on the connection of such disks is a must during a recovery process.
Finally, robust data recovery software is needed to ensure complete and effective recovery.
This document is a discussion on all of the above. A generic description about the working of data recovery software is also outlined, followed by a short case study (using Stellar Phoenix Novell) to help users better understand the recovery process. This document assumes that the reader has little or no knowledge of data recovery and only very basic knowledge of Operating Systems, hard disks and NetWare.
Table of Contents
Data Management in Novell NetWare
1.1 NetWare server disks and file systems
1.2 NetWare Volume types
1.3 How data gets lost
1.4 Data recovery methods provided by NetWare & its limitations
Setting up the hardware (for a recovery process)
2.1 Basic Do’s and Don’ts
2.2 Connecting IDE disks
2.3 Connecting SCSI disks
2.4 Finishing up
Using data recovery software (Stellar Phoenix Novell)
3.1 How data recovery software work
3.2 Case Study …quot; Using Stellar Phoenix Novell to recover data
3.2.1. How to recover deleted files
3.2.2. How to recover missing/lost NetWare partitions
3.2.3. How to recover compressed volumes
Conclusion
1. Data Management in Novell NetWare
1.1 NetWare server disks and File Systems
A NetWare server disk consists of 2 basic partitions. The first is a small MS-DOS partition used to boot the computer and then load the NetWare OS. The second partition contains the NetWare OS files.
Fig: Structure of NetWare server disk
The NetWare partition (shown in blue in the figure above) consists of 2 basic divisions: a Hot Fix Redirection Area and a Data Area.
The Hot Fix Redirection Area contains sectors which act as substitutes for bad sectors on the hard disk. Before writing data to the disk, NetWare verifies whether the target sectors are in good condition …quot; if they are not, the data is redirected to the sectors in the Hot Fix Area. The Hot Fix Area typically comprises 0.2 - 2% (user-specified) of the disk space. This area consists of two parts: one being a table which maps bad sectors in the data area to corresponding sectors in the Hot Fix Area, and the other comprising the actual sectors which act as substitutes for bad sectors.
Fig: Structure of a NetWare Partition and its Hot Fix Redirection Area
The Data Area consists of a Volume Table (which contains detailed information of the volumes such as name, size, block size, segmentation, and other details) and one or more logical Volumes. The first volume in any NetWare partition is the SYS Volume. Shown below is the Volume distribution in a typical server disk:
Fig: Distribution of Volumes on a server disk
The methods and data structures used to organize files on a Volume are known as its File System. NetWare file systems have evolved over time with NetWare 2.x using NWFS 286, NetWare 3.x and 4.x using NWFS 386, while NetWare 5.x and later uses the NSS (Novell Storage Services) file system.
NWFS
NWFS can be thought of as a modified FAT (MS-DOS/Windows) file system. It used to come in both 16-bit (NWFS 286) and 32-bit (NWFS 386) versions, and has now been superseded by the 64-bit NSS (Novell Storage Services) file system.
NetWare 4.x and earlier had volumes formatted to the NWFS file system which is similar to Microsoft’s FAT 32 file system. Distributed across a NetWare Volume are certain blocks which contain 2 important data structures that manage files and directories …quot; these are DET (Directory Entry Table) and FAT (File Allocation Table). This is similar to the Directory Table and File Allocation Table used in Microsoft’s FAT file system.
The DET contains a list of all files and directories in the volume including details such as name, size, attributes, and so on. The FAT is a table that contains information about where on the Volume various files are stored, which blocks they occupy, and so on …quot; all files can be located using the FAT. 2 copies each of the DET and FAT are maintained (for the sake of redundancy). The DET and FAT blocks are distributed throughout the Volume.
Fig: Structure of a NetWare Volume
In NWFS, the Directory entries are recorded in a Table, and the File Allocation entries are maintained using Linked Lists.
NSS
Unlike NWFS (which manages data using the DET and FAT), NSS is a Journaling file system. This means that any change made to a file, instead of being directly updated to the DET and FAT as in NWFS, is first logged in a journal before the actual change is made. Only the files metadata (data about the file such as name, size, location, and so on) is logged and not the actual file data. Therefore, if the disk crashes while some write processes are running, the OS knows which processes to redo on rebooting.
All structured data on a Volume formatted to NSS is organized using the B-Tree (Balanced Tree) algorithm. The B-Tree is a tree data structure and is very efficient for use in file systems and databases. Two of the B-Trees found in NSS are the Name Tree B-Tree which manages a Volume’s directory structure (analogous to the DET in NWFS) and the Beast B-Tree which manages all file’s metadata (analogous to the FAT in NWFS).
A B-Tree is very efficient with insertions and deletions which is why it is used in file systems and data bases
NSS v/s NWFS with respect to Data Safety and Protection
NSS is far superior to NWFS when it comes to data safety and protection
NSS NWFS
Error Correction Presence of journal simplifies error correction/recovery Entire volume must be scanned (VREPAIR) to determine errors
File Snapshot Backup of open files No such support available
Pool Snapshot Backup of block in current state No such support available
RAID Support Supports RAID 0,1,5,10,15 Supports RAID 0,1,10
Data Shredding
(Data Erasure) Permanent data removal
(overwriting over 7 passes) No such support available
1.2 NetWare Volume Types
Data storage in Novell servers can be optimized using configurations such as Compressed Volumes, Sub-allocated Volumes, and Segmented Volumes. Data recovery software usually recovers data in its raw form, as they appear on the disk, disregarding any of the above configurations they may be in. Thus, the recovery of such data back to its original form presents a problem. Before we look at how such configurations can be retained even after recovery, let us first understand how data is arranged in such volumes.
Compressed Volumes
Data Compression refers to the process of storing data in a format that requires less space than usual. Compressing data is the same as packing data …quot; reducing the amount of electronic ’space’ data takes up, and compressed data usually consumes 2 to 4 times fewer bits. Typically, it is infrequently used data which is automatically compressed to save space.
Methods of compressing data include replacing multiple blank spaces with a character count, or replacing redundant data with shorter stand-in ‘codes’.
Volumes can be compressed in NSS using the console command:
nss /Compression=(Volume Name) OR nss /Compression=all
Volume compression statistics can be viewed using the command:
CompScreen
Note: Volume compression is an irreversible process.
A listing of all Novell compression capabilities is available at: http://www.novell.com/documentation/nw65/index.html page=/documentation/nw65/nss_enu/data/bpwtq9o.html
Sub-allocated Volumes
Sub-allocated volumes are a new feature and have been implemented in NetWare 4.x to overcome the problem of wasted disk space. These volumes are different from regular Novell volumes because they are more of a ‘virtual’ volume …quot; one that is not ‘visible’, but exists nevertheless.
Sub-allocation refers to multiple file-endings sharing disk blocks. The data in a file is stored in the hard disk in multiple blocks, each block being a collection of sectors of standard size. There are, almost always, some unutilized sectors at the end of a file. These ‘under-allocated’ sectors of different files are combined together to form a separate ‘virtual’ volume.
For Example: Say, a volume stores data in blocks of 4 sectors, each sector having size = 512 bytes. Now, if there is a file containing 520 bytes of data, the first sector is entirely occupied and the remaining 8 bytes go into the second sector. This leaves 2 entire sectors unused. These unutilized sectors of different files are combined together to form a separate sub-allocated volume, thus saving space and optimizing data storage.
Fig: Space optimization using Sub-allocated volumes
The sub-allocated volume is virtual - it does not show up as a separate logical volume. It is internally used by the Operating System (NetWare 4.x) to optimize disk space utilization.
Sub-allocation was a useful feature in NWFS which uses 64K blocks. NSS, which uses 4K blocks, do not have much use for sub-allocation.
Segmented Volumes
Segmented volumes refer to volumes which have had their size increased by taking disk space from another area. This space is usually taken from another disk, resulting in the Volume existing in ’segments’ across different disks, and hence the name segmented volumes. Segmented volumes add flexibility and are particularly useful in cases of important volumes needing additional disk space. A volume may be spanned across as many as 32 hard disks.
Fig: Volume X is a segmented volume spanned across 3 hard disks
For Example: Say, a disk consists of 2 volumes, one of which is almost full up and needs additional space. NetWare uses a feature using which disk space, usually from a separate disk, can be added to an existing volume.
While Segmented Volumes do make for increased volume size, the downside is that the volume gets fragmented.
1.3 How data gets lost
Data loss can be just a click away and usually occurs when least expected. Some of the leading causes of data loss:
(Source: www.protect-data.com/information/statistics.html)
The biggest factor leading to data loss is hardware malfunction. Hard disks are mechanical devices and therefore fall victim to wear and tear …quot; estimates put the average life of a hard disk at 3 years and it’s easy to see why - picture a series of disk platters rotating at 10,000 times per minute (over a 150 times a second!) with disk heads moving over them, separated at submicron distances. The margin for error, for mechanical movements inside the disk, is minimal. Even slight vibrations can unsettle alignments, and dropping a disk to the floor can be thought of as a minor catastrophe …quot; in fact, Head/Media collisions account for a large percentage of hardware malfunctions. Add to this other factors such as settling of dust particles on magnetic surfaces, sudden temperature variations, electronic (circuit board) failures, Controller failures, power surges, etc and one can understand the relatively short life span of hard disks …quot; a hardware malfunction can occur at any time and is sometimes beyond the control of the user.
Human error (accidental deletion/format, incorrect usage of software, etc) and software malfunction (corruption by virulent software, configuration complexity, improper backups, etc) are other major factors leading to data loss. While virus attacks are an issue with other Operating Systems (most notably Windows), this is not much of an issue in NetWare.
1.4 Data safety methods provided by NetWare & its limitations
Although NWFS has limited data safety/protection methods, NSS comes with useful features some of which are:
Journaling -> This significantly reduces the number of errors that happen when an operation is interrupted unexpectedly (resulting from occurrences such as a power failure or system failure).
File Snapshot -> This feature allows transient copies of open files to be made. Taking advantage of this, backups of even open files are possible. This feature can be activated using the console command:
nss /FileCopyOnWrite=(Volume Name) OR nss /FileCopyOnWrite=all
For a complete description of this feature, visit:
http://www.novell.com/documentation/nw65/index.html page=/documentation/nw65/nss_enu/data/ajhv67e.html
Pool Snapshot -> This feature allows you to take a snapshot of a data pool as it exists, including open files. This can be helpful for backup, maintenance, and restoration of lost data.
A snapshot can be taken using the console command:
mm snap create (snappool)(datapool)(snapname)
A previously taken snapshot can be activated using the console command:
mm snap activate (snapname)
A more extensive list of Pool Snapshot capabilities is given at:
http://www.novell.com/documentation/nw65/index.html page=/documentation/nw65/nss_enu/data/br18vpz.html
Even though these features offer data safety up to a certain level, the one big limitation for these features above is that all backups are metadata-based only. This means that a data disaster on a big scale, with a files actual core data getting lost/deleted, cannot be resolved using these features. What is needed in such a scenario is a complete scan of the disk surface to look for deleted/missing entries. This can only be done by advanced data recovery software and is a must-use when the above methods fail.
2. Setting up the hardware (for a recovery process)
2.1 Basic Do’s and Don’ts
When data is seemingly ‘deleted’ from a disk, the actual data is not removed. Only the reference information of the file is modified so that the space that a file occupies on the disk is marked as ‘free-space’ and is made available for writing on. But until that space is actually overwritten by other data, the original data remains intact and is therefore recoverable.
Since ‘lost’ data being overwritten is a major concern, it is imperative that the volume containing lost data is not used at all. Even leaving the server on, without any activity, causes many tiny files to be written/updated every few seconds. This increases the chance of lost data being overwritten and reduces the possibility of total data recovery. Therefore, after any instance of data loss …quot; be it a single deleted file or a total disk failure …quot; it is preferable to disconnect the affected server disk.
Following episodes of data loss:
Do’s
Turn off the machine immediately
Disconnect the server disk
Don’ts
Never restart the machine in the hope that this will solve the problem …quot; a restart involves many files being generated which may result in overwriting of lost data which will in turn reduce the possibility of total data recovery
If you hear clicking/grinding noises coming from the storage media, then it is a hardware failure …quot; do not continue using the disk. It is preferable to disconnect the server disk immediately. In such cases, even data recovery software may not fully be able to recover lost data …quot; it needs to be turned over to data recovery specialists
If there is intense physical damage to the disk (such as a power surge resulting in smoke or sparks), do not experiment with the media …quot; this needs examination by experts
Do not, under any circumstances, open up the disk since exposing the platters may damage the disk beyond repair. The disk is to be opened up only as a last resort and that too by professionals working in a clean-room
If the data recovery software allows installation on NetWare, do not install the software on the Volume which is affected. While it is possible to install the software on a Volume other than the one which is affected, it is always preferable to connect the affected disk to a working disk and then install the recovery software to the working disk
The ideal method to recover lost data is to connect the affected disk to a healthy disk. Data recovery software is then installed on to the healthy disk after which the software detects and does a scan of the affected disk.
The following section describes the connection of the disks.
2.2 Connecting IDE disks
It is best not to involve the server disk for recovery software installation during a system recovery. It is recommended to install the software on a Windows OS ‘host’ disk, and then connect the affected server disk to it (to understand why, read section 3 labeled ‘Using Data Recovery Software’).
This section discusses the connection of IDE (also known as ATA) disks.
Disks with IDE interfaces can be connected as:
‘Slave’ on the Primary channel OR
Either ‘Master’ or ‘Slave’ on a secondary channel
This implies that the disk with lost data can be connected in any way to a working disk, as long as the system does not boot from the affected disk.
Configuring a disk to be either ‘Master’ or ‘Slave’ involves setting the jumper pins at the back of the hard disks.
This is what the back of a disk looks like:
IDE Cable Connector
One end of this connector goes into the back of the disk, and the other into the motherboard.
Jumper Pins
Out of the given sets of jumper pins, one of the sets needs to be ‘jumpered’ thus giving the disk its configuration. The diagram for the jumper pin configuration should be given in a sticker on the disk. If the failed disk is being connected on the primary channel, it needs to be connected in the ’slave’ configuration. Use tweezers to change the switch position. There is a notch that prevents incorrect insertion.
Power Cable Connector
The power cable goes in here.
This is what an IDE cable looks like:
Connecting disks to the cable
An IDE cable has one end connected to the motherboard, and the other end usually goes into the disk configured as ‘Master’. The working disk which has recovery software installed in it should be the ‘Master’. The plug in the middle usually has the disk configured as ‘Slave’. If connected in the primary channel, the damaged disk needs to be ‘jumpered’ to be a ‘Slave’ and then connected to this middle plug.
After the jumper pins have been set and IDE cable connected at the correct points, the disks need to be installed into its case …quot; simply screw in the disk to secure it to its case. The next step is to make sure that the computer accepts the disks.
2.3 Connecting SCSI Disks
While disks with IDE interfaces have gained popularity with home PC users because of their low cost, SCSI interface disks are common with servers and high performance workstations and/or peripherals. The most visible difference between IDE and SCSI disks is that a single SCSI adapter can handle as many as 7 or 15 devices at a time …quot; because of this, setting the Jumper Pins at the back of a SCSI disk are a little more complicated than behind an IDE disk.
In connecting SCSI disks appropriate jumper pins have to be set to assign SCSI ID’s, configure termination, etc. For data recovery purposes the only thing to remember while connecting the disks is to connect the SCSI disk with lost data as:
‘Slave’ on the Primary channel OR
Either ‘Master’ or ‘Slave’ on a secondary channel
This implies that the disk with lost data can be connected in any way to a working disk, as long as the system does not boot from the affected disk.
This is similar to disks with IDE interfaces (see above …quot; Connecting IDE disks - for connection details). The jumper pin setting information should be detailed in the sticker on the disk itself. After connecting the SCSI disk in the appropriate configuration, the next step is to make sure that the computer accepts the disks.
2.4 Finishing Up
The BIOS usually automatically detects new hardware - this is so because the disk detection feature is set to ‘AUTO’ by default. However, it is still better to enter the BIOS and confirm whether the appropriate disk channel(s) are set to ‘AUTO’.
There are different methods of entering the BIOS for different motherboards. It is usually done by pressing the ‘F2′ key or the ‘Delete’ key just after starting the computer (To find out the exact keystroke(s) to enter the BIOS, visit: http://www.numonics.com/support/bios.htm).
In the BIOS, navigate through the main menu and go the Hard Disk AutoDetect feature
In the Hard Disk setup window, make sure the channel that the disk is connected to, is set to ‘AUTO’. For Example: If the disk with lost data is a ’slave’ on the primary channel, make sure that this option is set to ‘AUTO’.
After making the necessary changes, remember to save changes before exiting BIOS.
3. Using Data Recovery Software (Stellar Phoenix Novell)
3.1 How data recovery software work
When a file is seemingly ‘deleted’ from a disk, the actual data is not removed. The only thing that is done is modification of the file’s entry in the directory table/tree such that the space on the disk that the file occupied is now labeled as free space. Thus, the file still exists on the disk - but the file system is blind to it. This is much like a house without an address - it exists, but there is simply no way to go to it. Permanent deletion occurs only after the file’s actual data is overwritten by other data.
Data recovery software, such as Stellar Phoenix Novell, take advantage of this fact and use it to recover lost data.
When a file is ‘deleted’, only the first few bytes of that files entry in the Directory Table/Tree are modified to make the file system recognize that file as deleted. Data Recovery software scan the Directory Table/Tree looking for modified entries which have been labeled as ‘deleted’. When it finds one, it verifies whether the clusters occupied by this file have been left untouched or whether the clusters have already been overwritten by a new file. If the clusters are still ‘free’ and have not been reallocated, then this file is recoverable. 数据恢复
This is the reason why an affected disk should be disconnected and not left running as tiny files keep getting generated/updated every few seconds, thus increasing the likelihood of crucial data getting overwritten …quot; it is easy to understand then, why even something as simple as a system restart could turn out to be catastrophic.
Sometimes, however, even the Directory Table/Tree may be corrupt or may have been overwritten. In such cases, data recovery software go into advanced mode and scan the disk cluster by cluster. When the software finds a file, it verifies whether that file’s entry exists in the Directory Table/Tree …quot; if it does, then the file is obviously ‘visible’ to users. However, if an existing file on the disk does not have an associated entry in the Directory Table/Tree, then it is considered to be a lost/missing entry and the software will display this as a ‘found’ file.
Thus, data can be recovered either by analyzing the Directory table/tree of a file system (to look for deleted files), or by doing a cluster by cluster search of the physical disk (to look for lost/missing files). These two options are given different names (like ‘Standard Search’ and ‘Advanced Search’) by different data recovery software.
The next section discusses the recovery process of deleted files and missing/lost NetWare partitions using Stellar Phoenix Novell.
Problems faced in recovering data from compressed/sub-allocated/segmented volumes:
Data recovered from volumes which are compressed, sub-allocated, or segmented presents a few problems.
Compressed Volumes
Data recovery software recover lost data exactly as it was stored in the disk, and the recovered data may be compressed. Data must be decompressed before it can be used. This gives rise to the problem of recovered data being unusable (because it is in a compressed format).
Sub-allocated Volumes
Sub-allocated Volumes are virtual and not ‘visible’. Since data recovery software do a physical scan on the hard disk, recovery of lost data from sub-allocated sections of a volume is a problem.
Segmented Volumes
Regular data recovery software can usually scan only one disk at a time, but segmented volumes may be spanned across multiple disks, which is what creates the difficulty in the recovery of segmented volumes.
Effective data recovery software for NetWare requires advanced modules to fully recover data from such volumes while at the same time maintaining the original configuration …quot; ensure that the data recovery software you purchase can recover data from all these volume types
3.2 Case Study …quot; Using Stellar Phoenix Novell to recover data
All data recovery software have a trial version available which lets users get a good approximation of how effective the software can be. The trial version scans the disk using both Standard and Advanced modes and displays a list of all recoverable data. However, the full version will be needed to actually restore/save that data.
If you have lost data to be recovered, try downloading Stellar Phoenix Novell from www.stellarinfo.com/netware-data-recovery.htm and then install the software to a healthy working hard disk with the Windows Operating System in it. Stellar Phoenix Novell is a win32 executable and needs to be installed to a Windows based disk.
Run setup.exe from among the downloaded files …quot; the software is installed, by default, to a Stellar folder in Program Files. Additionally, usual entries to the Programs group (Start -> Programs) and the Add/Remove Programs list (in Control Panel) are also made.
Note: Make sure you are logged in as administrator before initializing setup - the software installation requires local administrative rights in Windows NT/2000/XP. 数据恢复
The affected server disk should be connected to this ‘Windows’ disk as a secondary (for details, read Section 2: Setting up the hardware).
Running the software will display the user interface containing a Toolbar which contains all necessary buttons to operate the software, from initiating the recovery process to saving the lost data.
Limitation of Stellar Phoenix Novell: NetWare 6.5 and later has an optional Encrypted Volume Support (EVS) feature using which it is possible to encrypt data stored on any newly created volume (the SYS volume is the only volume that cannot have the EVS feature in it). This is done mostly for protection of data against theft. Although data in EVS volumes are in an encrypted format, they work seamlessly with all applications. To learn how to create an encrypted volume, visit: http://www.novell.com/documentation/nw65/index.html page=/documentation/nw65/nss_enu/data/bq2y6nb.htm.
Stellar Phoenix Novell cannot recover data from such encrypted volumes.
For further information on the workings of this software, read the product’s Knowledge Base articles at: http://stellarinfo.com/esupport/users/kb.php category_id=13
3.2.1. How to recover deleted files
NWFS
Click the Select Physical Disk button ( ) on the Toolbar to begin the recovery process. The software displays a list of all the hard disks it can detect, including the affected server disk. Select the server disk and then click OK to continue.
Select the NetWare partition
Select the Volume
The software looks for deleted entries in the selected volume and displays the result in a simple tree structure.
If the standard search fails to turn up the desired results, the software can be made to search in an advanced mode (read Section 3.1: How data recovery software work) by changing the Linking Mode to Contiguous (Tools->Change Linking Mode->Contiguous Mode).
Select any number of files to be recovered and then click the Recover Selected button to restore the data. Alternatively, clicking the Recover All button will recover all displayed files. (The Recover Selected/All feature is only activated in the full version …quot; it is not available in the trial version).
NSS
The steps are similar to the ones shown above. They are:
Select the physical disk
Select the NSS Pool
Select the Volume
The software looks for deleted entries in the selected volume and displays the result in a simple tree structure after which any number of files can be recovered.
3.2.2.How to recover missing/lost NetWare partitions
The process of recovering of missing/lost NetWare partitions is similar to the steps shown above in 3.1 How to recover deleted files. The one difference is that instead of specifying the Pool and/or Volume to recover, you need to choose the hard disk to recover from …quot; this is because the software will scan the entire disk to look for missing/lost NetWare partitions.
NWFS
Use the ‘Search NetWare Partition’ option and then select the physical disk which contains the lost/missing partition.
The software searches the selected disk for all partitions. Since the search is intensive, it may take some time to complete. After the search is over, the software will display a list of all found partitions
Select the partition which contains the missing/lost volume
Select the Volume from which data needs to be recovered
The software then analyses the volume’s data structures and file system attributes and displays the result in a simple tree structure after which any number of files may be recovered
NSS
The method of recovering missing/lost NSS Volumes is similar to the steps given above. Moreover, Stellar Phoenix Novell also has an additional feature in which NSS Pools can be searched for, and recovered.
Use the ‘Advanced Search for NSS Volumes’ or ‘Advanced Search for NSS Pools’ option and select the physical disk which contains the lost/missing Volume or Pool
The software does an intensive search and lists all the pools/volumes it can find
Select the Pool/Volume from which data needs to be recovered
The software analyses the relevant data structures and file system attributes and displays the result in a simple tree structure after which any number of files may be recovered
The steps laid out in the 2 sections above work for most Volume types, such as Segmented Volumes, Sub-allocated Volumes, etc and for most data loss events, such as Formatted Volumes, Re-partitioned Volumes, etc. However, recovery of compressed volumes is a slightly more complicated issue and is discussed in the next section.
3.2.3. How to recover compressed Volumes
(For NetWare 4.x and above)
If a Volume is given compression capability, then some data in the Volume will most likely be compressed. When such data is recovered, it is still in a compressed format and thus unusable. Thus, effective data recovery software need to have a decompression module in them to ensure full usability of the recovered data …quot; ensure that the recovery software you use has such a capability.
The use of recovery software’s decompression utility is illustrated by the following steps, as followed in Stellar Phoenix Novell:
Recover the compressed data using the steps followed in sections 3.1 or 3.2 …quot; you now have recovered compressed data on a hard disk different from the affected server disk
Connect the disk with the compressed data to a Novell client machine …quot; this machine now has the compressed data in it
Log on as an Administrator to the Novell client and upload the compressed data to a Novell server disk …quot; the server disk now has the compressed data.
Note: The compressed data should be uploaded to an NWFS Volume on the server
Shut the server down, disconnect the server disk and connect it as a secondary to the disk with Stellar Phoenix Novell installed in it
Run the software, select the volume with the compressed data and then run the software’s decompression utility on the compressed data (Tools -> Mark Compressed Files). The server disk’s compressed data is now decompressed
Reconnect the server disk back into the server machine and boot this machine up
The decompressed data can now be transferred from the server to any client machine
This process does require some patience but is safest and yields best results if done systematically.
Data recovery software, as with most other software, come with their own unique additional features to ease the recovery process. Stellar Phoenix Novell comes with utilities such as File Filter, File Mask, Save Scan, Event Log, Find, and so on to streamline and facilitate the recovery process.
4. Conclusion
The data recovery process for Novell server disks can be summarized briefly as:
Disconnect the server disk
Install the data recovery software to a healthy working disk and connect the affected server disk to this working disk
Run the software to detect the server disk and display all its partitions/volumes
Select the disk/volume from which to recover data from and begin the disk/volume analysis
After all recoverable files are displayed, select the file(s) to be recovered and then restore them
In conclusion, if the server disk is immediately disconnected after an episode of data loss then the chances of total data recovery is very high. Data is never truly lost unless it is overwritten, and it is users that control writing to the disk …quot; hence, salvaging data, even in the event of a total disk failure, is not difficult at all. All that needs to be followed is a systematic approach.
The best practice in protecting data is regularly taking backups. While most Operating Systems today do have built in backup tools, these are not truly extensive. It is always better to go in for genuine 3rd party software (there are many good applications available today), whose development is dedicated to the task of protecting data. Most backup software today are fully automated and keep taking regular backups on their own without any user intervention …quot; even if the disk completely crashes, the machine can be booted using the software’s disc (which contains the necessary boot files) after which the software accesses the backup and restores the system.
Other effective data protection practices are hardware configurations such as RAID, periodic usage of good system checker software, reduction of dust around the work area, monitoring hard disk’s for hardware faults (see Section 1.3: How data gets lost), effective cooling systems, updated anti-virus software, etc.
However, even backups (be it in the form of backup software or hardware configurations such as RAID) are not 100% foolproof and mishaps can occur in any situation. The only way to ensure complete data protection is a thorough knowledge of data storage and recovery processes …quot; this will provide users with small but extremely vital bits of information such as immediate disconnection of affected disks, connection of failed disks to healthy ones, recovery of data to safe locations, etc. Thus, in a nutshell, while data disasters may occur at any time, 100% data recovery is definitely possible.
Related Material:
To understand recovery of data even after it has been overwritten, read Gutmann’s paper at: www.cs.auckland.ac.nz/~pgut001/pubs/secure_del.html
Related Articles: