How to tell when (or even if) it's safe to force a hard drive to dismount on a server?
August 27, 2012 8:45 AM
How can I know what harm I could do by dismounting a secondary drive on my server?
We have a Windows 2008 server that handles file sharing, DHCP and a few other tasks for us. Assuming I'm comfortable with what it means to have it completely unusable for a time by those on the network (To ensure that, I'll even be unplugging it from the network). I'm encrypting a non-system drive with TrueCrypt in place, and it (understandably) wants to dismount it while it encrypts it. I think what I'm asking, beyond what harm forcing a dismount could do, is how to figure out which services (if any) are using it at any given time?
Thank you in advance.
Response by poster: Well, I would, but I don't know how I would encrypt it if it were shut down. Perhaps I'm being dense...
posted by TrueVox at 9:36 AM on August 27, 2012
The difficulty I'm having in parsing your question is what you mean by "forcing" a dismount - I don't think you can do any harm to the actual disk by allowing TC to handle this for you. Of course, create a backup of the data on this drive before doing anything (preferably encrypted since that's your end goal with your data anyway, but make sure you can access it after you make your backup). I don't think you need to worry about what services are accessing it if you're going to disconnect the machine from the network - once TC encrypts the drive and re-mounts it, all should be back to normal. But the way I'd get at that info, being a renegade sysadmin, would be to dismount it, check my error logs to know what services are freaking out, and deal with them on a case-by-case basis.
posted by antonymous at 10:27 AM on August 27, 2012
Response by poster: I'm sorry, I wasn't being clear enough. Forgive me.
When I say "Forcing", I mean at some point during the TrueCrypt encryption process, TrueCrypt needs to dismount the drive. If it's not being used by something, it can do it without "forcing" a dismount. If it IS being used by something (even if it's just a matter of someone having a word file open on that drive, unedited), TrueCrypt will (in my experience) offer to "force a dismount". This is what's happening here. You can see a similar effect by creating a TrueCrypt volume, putting something in it, accessing it (say, put a movie in it & play the movie), and trying to dismount it. It (likely) won't work, and TrueCrypt will offer to "force a dismount".
Does that make sense?
I do have backups, but due to the length of restoring from them, I'd prefer not to if I can avoid it.
Thank you for the continued help!
posted by TrueVox at 1:01 PM on August 27, 2012
Best answer: Well I don't think I can offer much more advice beyond "go for it", but I'll cop to being somewhat reckless when it comes to stuff like this. I'm not enough of a Windows guy to know how to tell what services may be touching a drive, but I do know how to troubleshoot errors, so if you're in the same boat I'd just fire away and deal with problems and dialogue boxes as they crop up. (I said that I was a sysadmin, which does not equate to complete competence) At least you know that worst-case you have to restore from backup (which I hope you've done before to test the backups). I know that option is a pain but at least you're not looking at losing data, just time.
Also, a fresh reboot of the machine beforehand may get rid of the "force dismount" dialogue (though that's not guaranteed if you're sharing parts of the drive you're about to encrypt).
Personally, I think you'll be fine. You know what the server is doing (DHCP, file sharing, etc.) so you probably have a good idea what that disk is being used for. I generally consider these types of dialogue choices a bit of a CYA for the software makers to get you thinking about what the purpose of the disk really is and what impact it being away for awhile might have, which you're obviously doing.
posted by antonymous at 2:16 PM on August 27, 2012
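Added example, not part of the original thread: one way to answer the question of which services, processes and network clients are using a drive before allowing a forced dismount. It assumes PowerShell 2.0 in an elevated session on the server, and `E:` is a placeholder for the drive being encrypted.

```powershell
# Assumption: E: is the secondary drive about to be encrypted (placeholder letter).
$drive = 'E:'
$root  = "$drive\"

# 1. Services whose executable is installed on the drive.
#    PathName may be quoted and carry arguments, so strip the leading quote first.
Get-WmiObject Win32_Service |
    Where-Object { $_.PathName -and $_.PathName.Trim('"') -like "$root*" } |
    Select-Object Name, State, StartMode, PathName

# 2. Running processes that have an EXE or DLL loaded from the drive.
Get-Process | ForEach-Object {
    $proc = $_
    try {
        $mods = @($proc.Modules | Where-Object { $_.FileName -like "$root*" })
    } catch {
        $mods = @()   # protected processes deny module enumeration
    }
    if ($mods.Count -gt 0) {
        New-Object PSObject -Property @{
            Id     = $proc.Id
            Name   = $proc.ProcessName
            Module = $mods[0].FileName
        }
    }
}

# 3. Shares rooted on the drive (file sharing keeps these paths in use).
Get-WmiObject Win32_Share |
    Where-Object { $_.Path -like "$root*" } |
    Select-Object Name, Path

# 4. Files on the drive currently opened by remote clients through those shares.
openfiles /query /fo csv /v | Select-String -SimpleMatch $root

# 5. A page file on the drive will also block a clean dismount.
Get-WmiObject Win32_PageFileUsage |
    Where-Object { $_.Name -like "$root*" } |
    Select-Object Name, CurrentUsage
```

Empty output from all five checks means nothing listed here is holding the drive. Data files held open by local processes are not covered; a handle search in Sysinternals Handle or Process Explorer fills that gap.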
If you have to ask, then you probably shouldn't be doing this.
What is Truecrypt on a non-mobile machine supposed to do for you? A Truecrypt volume that is mounted might as well not be encrypted. Are you really going to walk over to the machine and mount and dismount the volume every time you need something off of that hard drive?
Also, I would not by any small stretch assume that Truecrypt's encrypt in place is going to work correctly.
posted by gjc at 4:47 PM on August 27, 2012
Response by poster: Whoops, haven't been back for a little while, sorry. Thanks for the advice, Atonymouse, you've kinda confirmed what I've been thinking.
As for GJC - policy requires full disc encryption of everything. I don't make the rules, I enforce them.
OK, today's D-Day, so I'm saying that I've got what I need and that for all intents and purposes this question's closed. Thank you all for your suggestions! :)
posted by TrueVox at 2:50 AM on August 31, 2012
Response by poster: OK, for anyone still reading, everything went just fine. All sealed up & running like a top. Thanks everyone for the help!
posted by TrueVox at 6:18 PM on September 1, 2012
This thread is closed to new comments.
posted by Raichle at 8:59 AM on August 27, 2012