Over the years the one type of backup that has been the most overlooked however very critical, when needed, is the System State Backup. A System State Backup backs up critical components of a Windows Server; it does not backup files, those components are:
- Boot files, including the system files, and all files protected by Windows File Protection (WFP)
- Active Directory (on a domain controller only)
- Sysvol (on a domain controller only)
- Certificate Services (on certification authority only)
- Cluster database (on a cluster node only)
- The registry
- Performance counter configuration information
- Component Services Class registration database
A system state backup comes in handy when you have an unclean shutdown of the server and parts of the operating system, or Active Directory are corrupt. Additionally, in the case of accidental deletion or modification of records in Active Directory, this is a more expedient way to recover just the needed files without recovering the entire server.
With proper backup and disaster planning, or as we call it Disaster Avoidance, a System State Backup should be just one part of your plan which includes multiple imaged based backups a day with off-site storage.