Chat now with support
Chat mit Support

Recovery Manager for AD Disaster Recovery Edition 10.2 - User Guide

Overview Getting started
Permissions required to use Recovery Manager for Active Directory Recovery Manager Console Getting and using help Configuring Windows Firewall Using Computer Collections Secure Storage servers Managing Recovery Manager for Active Directory configuration Licensing
Backing up data
Permissions required for the Backup operation Managing Backup Agent Using a least-privileged user account to back up data Using Managed Service Accounts Active Directory backups vs Windows System State backups Creating BMR and Active Directory backups Using the Backup Wizard Retrying backup creation Enabling backup encryption Backing up AD LDS (ADAM) Backing up cross-domain group membership Backing up distributed file system (DFS) data Backup scheduling Setting performance options Setting advanced backup options Using Forest Recovery Agent Unpacking backups Using e-mail notification Viewing backup creation results
Restoring data
Getting started with Active Directory recovery Managing deleted or recycled objects Restoring backed up Active Directory components Integration with Change Auditor for Active Directory Using granular online restore Restoring AD LDS (ADAM) Selectively restoring Active Directory object attributes Restoring objects in an application directory partition Restoring object quotas Restoring cross-domain group membership Performing a restore without having administrator privileges Reports about objects and operations Using complete offline restore Offline restore implications Restoring SYSVOL authoritatively Performing a granular restore of SYSVOL Recovering Group Policy Restoring data from third-party backups Using the Extract Wizard Restoring passwords and SID history
Full Replication Consolidating backup registration data Monitoring Recovery Manager for Active Directory Recovering an Active Directory forest
Forest recovery overview Deploying Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) Permissions required to use Forest Recovery Console Forest Recovery Console Managing a recovery project Recovery methods Phased recovery Managing Forest Recovery Agent Rebooting domain controllers manually Resetting DSRM Administrator Password Purging Kerberos Tickets Managing the Global Catalog servers Managing FSMO roles Manage DNS Client Settings Configuring Windows Firewall Developing a custom forest recovery plan Backing up domain controllers Assigning a preferred DNS server during recovery Handling DNS servers during recovery Forest recovery approaches Deciding which backups to use Running custom scripts while recovering a forest Overview of steps to recover a forest Viewing forest recovery progress Viewing recovery plan Viewing a report about forest recovery or verify settings operation Handling failed domain controllers Adding a domain controller to a running recovery operation Selectively recovering domains in a forest Recovering SYSVOL Deleting domains during recovery Resuming an interrupted forest recovery Recovering read-only domain controllers (RODCs) Checking forest health Collecting diagnostic data for technical support
Restore Active Directory on Clean OS Bare metal forest recovery Using Management Shell Creating virtual test environments Using Recovery Manager for Active Directory web portal Appendices
Frequently asked questions Best practices for using Computer Collections Technical characteristics Best practices for creating backups Best practices for creating backups for forest recovery Best practices for recovering a forest Descriptions of recovery or verification steps Ports Used by Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) Backup Wizard Online Restore Wizard Online Restore Wizard for AD LDS (ADAM) Group Policy Restore Wizard Repair Wizard Extract Wizard Events generated by Recovery Manager for Active Directory Descriptions of PowerShell commands
Add-RMADBackup Add-RMADCollectionItem Add-RMADReplicationConsole Add-RMADStorageServer Backup-RMADCollection Close-RMADFEProject Compare-RMADObject Convert-RMADBackup ConvertTo-RMADRecycledObject Copy-RMADFEBackup Create-RMADStorageAgentSetup Expand-RMADBackup Export-RMADBackup Export-RMADFERecoveryCertificate Export-RMADFEResult Export-RMADSecureStorageBackup Get-RMADBackup Get-RMADBackupAgent Get-RMADBackupInfo Get-RMADBackupObject Get-RMADBackupSecurityStatus Get-RMADCollection Get-RMADCollectionItem Get-RMADDeletedObject Get-RMADFEAvailableSubnet Get-RMADFEComputer Get-RMADFEConsole Get-RMADFEDnsCache Get-RMADFEDomain Get-RMADFEEvent Get-RMADFEGlobalOptions Get-RMADFEOperation Get-RMADFEPersistenceConnection Get-RMADFEProject Get-RMADFERecoveryAgent Get-RMADFESchedule Get-RMADGlobalOptions Get-RMADLicenseInfo Get-RMADObject Get-RMADReplicationConsole Get-RMADReplicationSchedule Get-RMADReplicationSession Get-RMADReplicationSessionItem Get-RMADReportObject Get-RMADReportObjectAttributes Get-RMADReportObjectChildren Get-RMADReportSession Get-RMADSession Get-RMADSessionItem Get-RMADSessionItemEvent Get-RMADStorageServer Get-RMADStorageServerHardeningStatus Get-RMADStorageServerRetentionPolicy Import-RMADBackup Import-RMADFERecoveryCertificate Install-RMADBackupAgent Install-RMADFERecoveryAgent New-RMADCollection New-RMADFEProject New-RMADFERecoveryMedia New-RMADSchedule Open-RMADFEProject Protect-RMADSecureStorageServer Protect-RMADStorageServer Publish-RMADBackupSecurityStatus Refresh-RMADStorageServer Register-RMADSecureStorageBackups Remove-RMADBackup Remove-RMADBackupAgent Remove-RMADCollection Remove-RMADCollectionItem Remove-RMADFERecoveryAgent Remove-RMADFESchedule Remove-RMADReplicationConsole Remove-RMADReplicationSchedule Remove-RMADReplicationSession Remove-RMADStorageServer Remove-RMADUnpackedComponent Rename-RMADCollection Restore-RMADDeletedObject Restore-RMADDomainController Restore-RMADObject Resume-RMADFERecovery Save-RMADFEProject Set-RMADCollection Set-RMADFEComputer Set-RMADFEDnsCache Set-RMADFEDomain Set-RMADFEGlobalOptions Set-RMADFEPersistenceConnection Set-RMADFERecoveryMode Set-RMADFESchedule Set-RMADGlobalOptions Set-RMADReplicationConsole Set-RMADReplicationSchedule Set-RMADStorageServerRetentionPolicy Start-RMADFERecovery Start-RMADFERecoveryAgentOperation Start-RMADFEVerification Start-RMADReplication Start-RMADReportViewer Stop-RMADFEWorkflow Test-RMADSecureStorageBackup Unprotect-RMADStorageServer Update-RMADBackupAgent Update-RMADFEProject Update-RMADLicense

Creating a virtual test environment using Disaster Recovery Edition

Recovery Manager for Active Directory Disaster Recovery Edition allows you to create a virtual test environment from an Active Directory forest. You can use the created test environments to design and evaluate Active Directory disaster recovery scenarios, test planned Active Directory changes before deploying them to production, train your staff to perform Active Directory-related tasks, and more.

NOTE

Never restore or copy any data from your virtual test environments to the production Active Directory.

Possible scenarios:

  • Create a virtual test environment using BMR backups with or without Active Directory backups and the Bare Metal for Active Directory Recovery method

  • Create a virtual test environment using Active Directory backups and the Restore on Clean OS recovery method

  • Or combine both approaches

The main advantage of these approaches is that you do not need to have a working production environment to create a test lab. Only BMR and/or Active Directory backups are required.

IMPORTANT

To ensure that the target virtual machine in the virtual lab does not affect the source environment, a customer must guarantee the isolation of the target lab. Otherwise, the source forest may be seriously damaged. To get more information about the isolation of the virtual network, see Isolated virtual network and DNS. If you create a lab with an isolated virtual switch, you need to ensure that the Forest Recovery Console and BMR backup storage are connected to the isolated network. You can achieve this by adding virtual network adapters to these machines or by creating a designated VM with Forest Recovery installed and required BMR backups copied to it. Backups should be accessible from the Console machine and from the created target virtual machines. Please note, that initially you won't have a working DNS server in the isolated network. So, ensure that the Forest Recovery Console is able to resolve the BMR backup path to IP address in the isolated network.

To create a virtual test environment from an Active Directory forest, you need to select the source domain controllers you want to include in the test environment. Standalone servers are not supported yet in this scenario.

When creating virtual machines from the source computers, Recovery Manager for Active Directory uses third-party virtualization software, such as VMware ESXi/vCenter or Microsoft Hyper-V. For details, see VMware ESXi or Microsoft Hyper-V.

You can create virtual machines that maintain all the data available on the source computers, included in BMR and Active Directory backups. To manage the created virtual test environment, you need to use the tools provided by the virtualization software with which the virtual machines were created in the test environment.

To create a virtual test environment using Recovery Manager for Active Directory Disaster Recovery Edition
  1. You can create the target lab with one virtual machine using the selected virtualization software and install Recovery Manager for Active Directory Disaster Recovery Edition on this virtual machine or use the instance of Forest Recovery Console from the production environment. If you use the single instance of Forest Recovery Console, make sure that your recovery project is configured properly and source domain controllers will not be affected by the test lab.

  2. Backups can be stored on the backup shared storage that is available for both production and test lab networks. Otherwise, you need to copy backups to the test lab environment. Register required production BMR backups in this instance of Recovery Manager for Active Directory. If you use the single instance of Forest Recovery Console, all backups have already registered.

  3. Create a recovery project. For domain controllers that will not be included in the target lab, select the Do not recover method.

  4. Select the Bare Metal for Active Directory Recovery method and set up all other recovery settings on the General tab for each domain controller that you want to recover.

    Resources/Images/SecondStage.png

  5. Configure all required settings on the Infrastructure tab depending on your virtualization software. For details and requirements, see VMware ESXi or Microsoft Hyper-V.

    Resources/Images/VM_ware2.png

  6. Alternatively, you can use Active Directory backups with the Restore Active Directory on Clean OS method instead of restore from BMR backups. In this case, you should provide running Windows-based machines (virtual or physical) with the corresponding Windows version. Do not forget that these machines must be isolated from accessing the production network.

    Resources/Images/Test_lab_clean_OS.png

  7. Start the forest recovery operation.

 

Using Management Shell

 

About Management Shell

The Recovery Manager for Active Directory Management Shell, built on Microsoft Windows PowerShell technology, provides a command-line interface that enables automation of backup/recovery-related administrative tasks. With this Management Shell, administrators can manage Computer Collections, backup/recovery sessions, compare and start backup/recovery jobs.

The Management Shell command-line tools (cmdlets), like all the Windows PowerShell cmdlets, are designed to deal with objects—structured information that is more than just a string of characters appearing on the screen. The cmdlets do not use text as the basis for interaction with the system, but use an object model that is based on the Microsoft .NET platform. In contrast to traditional, text-based commands, the cmdlets do not require the use of text-processing tools to extract specific information. Rather, you can access portions of the data directly by using standard Windows PowerShell object manipulation commands.

 

Installing and opening Management Shell

This section covers:

 

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen