Chat now with support
Chat mit Support

Recovery Manager for AD 10.3.1 - User Guide

Overview Getting started
Permissions required to use Recovery Manager for Active Directory Recovery Manager Console Getting and using help Configuring Windows Firewall Using Computer Collections Hybrid Recovery with On Demand Recovery Managing Recovery Manager for Active Directory configuration Licensing
Backing up data
Permissions required for the Backup operation Managing Backup Agent Using a least-privileged user account to back up data Using Managed Service Accounts Active Directory backups vs Windows System State backups Creating BMR and Active Directory backups Using the Backup Wizard Retrying backup creation Enabling backup encryption Backing up AD LDS (ADAM) Backing up cross-domain group membership Backing up distributed file system (DFS) data Backup scheduling Setting performance options Setting advanced backup options Unpacking backups Using e-mail notification Viewing backup creation results
Restoring data
Getting started with Active Directory recovery Managing deleted or recycled objects Restoring backed up Active Directory components Integration with Change Auditor for Active Directory Using granular online restore Restoring AD LDS (ADAM) Selectively restoring Active Directory object attributes Restoring objects in an application directory partition Restoring object quotas Restoring cross-domain group membership Performing a restore without having administrator privileges Reports about objects and operations Using complete offline restore Offline restore implications Restoring SYSVOL authoritatively Performing a granular restore of SYSVOL Recovering Group Policy Restoring data from third-party backups Using the Extract Wizard Restoring passwords and SID history
Full Replication Consolidating backup registration data Using Management Shell Collecting diagnostic data for technical support Appendices
Frequently asked questions Best practices for using Computer Collections Technical characteristics Best practices for creating backups Ports Used by Recovery Manager for Active Directory Backup Wizard Online Restore Wizard Online Restore Wizard for AD LDS (ADAM) Group Policy Restore Wizard Repair Wizard Extract Wizard Events generated by Recovery Manager for Active Directory

What's the difference between the agentless restore method and the agent-based restore method?

Recovery Manager for Active Directory provides two different methods of restoring objects online. A check box in the Online Restore Wizard allows you to specify which method to use. The agentless method uses Microsoft Tombstone Reanimation interface to undelete the object and then re-applies all attributes that are not stored in the object's tombstone from the backup using ADSI calls. This method requires that the target domain controller be running Windows Server® 2008 R2 or later.

Aside from operating system support, there are some additional differences between the two methods. The agentless and agent-based methods require different permissions to run. For example, the agentless method supports delegated permissions as outlined in the User Guide. The agentless method may not restore some attributes, depending on the operating system and service pack level, namely user passwords and SIDHistory, as these attributes cannot be set using ADSI. In order to restore these attributes using the agentless method, you can configure the Active Directory® schema to store these attributes in the object tombstone as described in the User Guide.

 

Can I undelete a mailbox-enabled user?

Yes, you can undelete mailbox-enabled users with the online restore function of RMAD. When you undelete a mailbox-enabled user within the mailbox retention period, the user’s access to the mailbox is also restored.

After a user is deleted, the Exchange Server retains the user’s mailbox for a specified period, before permanently deleting the mailbox. If the mailbox retention period has expired, the mailbox access associated with the undeleted user is not recovered. RMAD cannot restore mailboxes that have been permanently deleted.

 

In the Group Policy Restore Wizard, a GPO link is shown as deleted, but the link actually exists in Active Directory. What's wrong?

If a link’s No Override option or Disabled option has been changed, RMAD treats the link as having been deleted, and assumes that a new link was created with new options. This behavior is by design.

 

What is a primary restore of the SYSVOL?

A primary restore is intended to recover the initial member of the SYSVOL replica set, only when the entire replica set has been lost. A primary restore should therefore not be used if there are two or more operational domain controllers in the domain. If there are other members in the replica set with which the restored SYSVOL can synchronize, a primary restore should not be performed, as it disrupts the replication of SYSVOL data.

For more information about primary restore, see the Microsoft article “Authoritative, Primary, and Normal Restores” at How to force authoritative and non-authoritative synchronization for DFSR-replicated sysvol replication.

 

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen