S 6.42 Creating start-up disks for Windows NT

Initiation responsibility: Head of IT Section, IT Security management

Implementation responsibility: Administrators

For every system operated under Windows NT with a floppy disk drive, a set of repair floppy disks should be kept at hand. For computers with Intel processors, this is contained in the three set-up floppy disks supplied with Windows NT as well as an emergency floppy disk with which the primary set-up status can be reproduced if files are damaged. An emergency floppy disk must be created for every computer as these floppy disks cannot be exchanged between different computers.

During the Windows NT set-up, the user will be asked if he wishes to create an emergency floppy disk. To create an emergency floppy disk, an empty 31/2" floppy disk must be placed in drive A: as required. The information necessary to repair the system will be saved on this floppy disk.

Given that no emergency floppy disk was created during installation, this can be carried out afterwards with the service program RDISK (in the Windows System directory %SystemRoot%\SYSTEM32, for example \WINNT\SYSTEM32). The program must be started with the parameter /s, if the user accounts and access rights should also be stored. However, the selection of this parameter can mean that the backup no longer fits on one floppy disk, if a large number of user profiles are defined on the system concerned. Therefore, the option "Actualise Emergency Information" should be selected at first, in order to save the present system state. The actual emergency floppy disk should then be generated with the option "Create an Emergency diskette".

Note: This process should be repeated after every change to the system configuration so that the emergency floppy disk always reflects the present system state. Only in this way can it be ensured that new entries in the configuration, drive letter assignment, Stripe Sets, data-media sets and mirroring are observed in the repair information. Otherwise access to certain drives can be impossible after system failures. Creation of the emergency floppy disk should thus be carried out after the next successful system boot-up to ensure that a properly running system is being backed-up.

If no start-up floppy disks are available, they can be created with the Windows NT set-up program (WINNT for MS-DOS or Windows 95 set-up and WINNT32 for Windows NT set-up) found on the Windows NT installation CD by executing the program with the parameter /ox. The program requires three empty 31/2" disks. They must be placed in drive A: and the files necessary to start-up Windows NT will then be copied onto the floppy disks.

If system files, boot variables or the boot sector is damaged and the previous start configuration cannot be reproduced with the method of using the most recently known functional configuration, the repair procedure in the Windows NT set-up must be used to reproduce the previous system state.

For the repair procedure, the Windows NT set-up program requires either the emergency floppy disk or the configuration information which is saved in the sub-directory REPAIR under the Windows directory %SystemRoot%, e.g. under \WINNT\REPAIR.

To reproduce a damaged Windows NT installation, the first of the three set-up floppy disks must be placed in drive A: and the computer booted from this drive. In the text window of the set-up program, it will be asked whether Windows NT should be installed or if files should be repaired. The parameter r must be entered. The set-up program then requires the emergency floppy disk. If no emergency disk is available, the set-up program shows a list of available Windows NT installations that have been found on the computer and asks which installation should be repaired. Once the final message has been shown, the emergency floppy disk must be removed from drive A: and the computer re-booted.

The repair procedure in the set-up program allows various elements to be selected for repair:

• System files - The set-up program checks that the directory tree of Windows NT corresponds with the log file on the emergency floppy disk to ensure that all system files are present and intact. If files are missing or damaged files are found, these will be reproduced from the relevant Windows NT set-up source (e.g. CD-ROM). The set-up program also checks Windows NT files on the system partition to ensure that all boot files are available and intact.

• Standard system configuration - The set-up program offers the opportunity to reproduce damaged registry files from those that were initially installed with Windows NT. It must be borne in mind that user accounts and permissions that have been set up since the first installation, or since the last renewal of the emergency floppy disk, are lost.

• Boot variables - By choosing this option, the set-up program reproduces the boot variables from the emergency floppy disk for the special installation of Windows NT onto the hard disk

• Boot sector (only for computers with x86 processors) - By choosing this option the set-up program creates a new boot sector in the system partition.

If other files are missing or damaged, the set-up program reproduces these files from the appropriate Windows NT set-up floppy disks or from the CD-ROM. If the system partition on a computer with an x86 processor has been mistakenly formatted or changed in such a way that Windows NT no longer starts, the repair program reproduces the original boot configuration.

Note: If the system files are repaired, the set-up program will remove the security settings from these files if they are found on an NTFS partition. This is wise, in order to be able to reverse falsely granted permissions for system files which would otherwise prevent Windows NT from accessing the system files necessary for system start-up. For this reason, it is absolutely necessary to keep the emergency floppy disk and the set-up floppy disks safe in such a way that they are protected against any kind of misuse.

Additional controls:

• Is the information on the emergency floppy disk up-to-date?

• Are repair floppy disks kept under lock and key to avoid possible misuse?

• Has an emergency floppy disk been created for every Windows NT system?