Recovery Manager for Active Directory supports Integrity checks for Active Directory® backups.
A checksum is calculated for the backup and written into the backup file when it is created. An integrity check recalculates the checksum and compares it to the checksum stored in the backup file.
Integrity checks are recorded as a Windows Eventlog event on the console during the integrity check. The events can be found in Applications and Services Log | Recovery Manager for Active Directory. If Email is configured, then email notifications are sent for integrity checks that are performed either after creating a backup (controlled by the Run an integrity check after creating a backup setting); or after creating a scheduled backup for the previous N sessions (controlled by the Check the integrity of previously created backups after a scheduled backup setting). The integrity check results are combined with the backup creation results and sent as a single message. If the Send notification upon errors or warnings only setting is selected, then an notification will only be sent if the integrity check report contains the results Backup file is corrupted or Integrity check failed. If all integrity checks are successful, no email notification will be sent.
The following statuses can be displayed after running the integrity check:
| Status | Description | 
|---|---|
| Passed | The newly calculated checksum value matches the previously calculated checksum stored in the backup file. | 
| Unknown | The integrity check was not performed. | 
| Running | The integrity check is in progress. | 
| Failed | The backup is not accessible (wrong credentials) or may have been moved from the path. | 
| No Checksum | The previously calculated checksum could not be read. This could be due to the backup being created by a previous version of the product. The backup also may have been damaged in such a way that the checksum was also affected. | 
| Corrupted | The newly calculated checksum value does not match the previously calculated checksum stored in the backup file. | 
Recovery Manager for Active Directory makes it possible to create, update, and apply Active Directory® backups remotely across an entire network. It can be installed on an administrator’s workstation, allowing all operations to be performed from a single, central location. These operations include the creation, update, and storage of backups, as well as the restoration of Active Directory® and Group Policy data from a backup.
Backups created with Recovery Manager for Active Directory can be stored in a central location, at several locations on a distributed network, or on selected computers with physically restricted access. Access to Active Directory® backups can be restricted using backup encryption along with security mechanisms provided by the operating system.
To assist with troubleshooting lost or changed Active Directory® objects, AD LDS (ADAM) objects, or Group Policy objects, Recovery Manager for Active Directory provides the ability to compare the current state of individual objects in Active Directory® or AD LDS (ADAM) with that in an Active Directory® or AD LDS (ADAM) backup. This functionality is particularly useful for locating the source of and resolving problems resulting from the deletion or modification of critical objects.
During a restore operation, Recovery Manager for Active Directory allows for the creation of comparison reports, which present the changes that have occurred in Active Directory® or AD LDS (ADAM) since the last backup, without actually applying changes to Active Directory® or AD LDS (ADAM). Such reports show the objects that were deleted or modified since the backup was made. In addition, they show the properties of directory objects and settings of Group Policy objects that would change during the operation. An administrator can then review these changes and decide whether to apply them.
To provide information on who modified particular Active Directory® objects, Recovery Manager for Active Directory integrates with Change Auditor and includes the Change Auditor data into the reports.
From version 10.0.1, Recovery Manager for Active Directory restores the deleted object(s) and restores the last change (if any) that was made to the object attributes after creating the backup, using the data from the Change Auditor database. This functionality is based on the auditing capability provided by Change Auditor for Active Directory, an award-winning product that helps to proactively track, audit, report, and alert on vital Active Directory® changes in real-time and without the overhead of auditing.
You can find out more about Change Auditor for Active Directory at https://www.quest.com/products/change-auditor-for-active-directory/.
For details about this feature, see Integration with Change Auditor for Active Directory.