These release notes provide information about the Quest® Recovery Manager for Active Directory Disaster Recovery Edition 10.2.1 release.
Recovery Manager for Active Directory enables fast, online recovery. Comparison reports highlight what objects and attributes have been changed and deleted in Active Directory enabling efficient, focused recovery at the object or attribute level. Accurate backups and a quicker recovery enable you to reduce the time and costs associated with AD outages and reduce the impact on users throughout your organization.
Recovery Manager for Active Directory is based on patented technology.
Recovery Manager for Active Directory 10.2.1 is a release with new features and functionality. See New Features and Enhancements.
This section covers new features and enhancements in Quest® Recovery Manager for Active Directory 10.2.1.
Recovery Manager for Active Directory Disaster Recovery Edition provides the ability to set up and use dedicated cloud storage locations for backups. Cloud Storage in combination with Tier 1 storage options ensure that your critical backups are always available in case of disaster.
By using Cloud Storage you can store your AD and BMR backups in the cloud ensuring that your backups are always accessible and protect your backup files with storage account properties such as immutability policies, and redundancy with different types of replication.
Recovery Manager for Active Directory Disaster Recovery Edition 10.2.1 has enhanced the Secure Storage server feature.
New features available:
New Secondary Storage tab on Computer Collection Properties to configure a Secure Storage server and provide required access credentials to read backups to be copied to secondary storage.
New PowerShell cmdlets Set-RMADStorageServerAllowedVolumes and Get-RMADStorageServerAllowedVolumes available in the Management Shell to configure which volumes are allowed to store backups.
The Secure Storage server properties dialog displays used and free space on each volume on the server including a warning indication when space is low.
New validation performed during the installation of a Secure Storage agent to ensure the Secure Storage server is a standalone server and not domain joined.
IMPORTANT |
An upgrade to the Secure Storage agent is required for new functionality. Refer to Upgrade and installation instructions below and the User Guide supplied with this release of the product. |
Enhancement | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Usability improvements to the Computer Collections Properties dialog including removal of Logging tab and introduction of new tab for Secondary Storage | N/A | ADO-283362 |
Creation of Management Shell Guide which lists all available PowerShell cmdlets, with examples. Appendix removed from User Guide | N\A | ADO-275100 |
Support Microsoft Edge browser in the Web Portal | RMADFE-1372 | ADO-220837 |
Add option to skip replication after recovery on RMAD portal UI | RMADFE-815 | ADO-220726 |
New portal settings and improvements for Web Portal configuration | RMADFE-1182 | ADO-220796 |
Recovery Manager for Active Directory 10.2 | ||
Rename system state backups to Active Directory backups | RMADFE-3009 | ADO-218405 |
Hide the "Components" tab in computer collection settings | RMADFE-3042 | ADO-218415 |
SCOM 2019 support | N\A | ADO-219783 |
Pass through Synchronize across time zones from windows task scheduler to RMAD | RMADFE-952 | ADO-220703 |
Create Logs Daily to be on by default | N\A | ADO-223980 |
Display operating system version for all backups | N\A | ADO-228741 |
Enhancement | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Automatically enable File and Printer Sharing on the clean OS machine when installing FR agent | RMADFE-2778 | ADO-242106 |
RMAD Console and Forest Recovery Agent cannot read AD configuration with more than 1000 sites | N\A | ADO-274279 |
Recovery Manager for Active Directory 10.2 | ||
Forest Recovery simulation mode available | RMADFE-920 | ADO-218277 |
The 'View Recovery Report' action should be available as one of the post recovery dialog actions | RMADFE-3034 | ADO-218413 |
Encrypt credentials in Forest Recovery project using AESCryptoServiceProvider instead of TripleDESCryptoServiceProvider | RMADFE-2199 | ADO-220948 |
Allow RMAD backup to continue if forest recovery agent cannot be installed | N\A | ADO-221433 |
Set default global catalog handling option to "Keep GC Intact" | N\A | ADO-223871 |
Show 'object's tombstone is expired' detailed warning in the Online Restore Wizard | RMADFE-1613 | ADO-223987 |
Default recovery method to the Repromotion phase should be "Install AD", not "ReinstallAD" | N\A | ADO-234195 |
Tool to update backup creation date in simulation projects | N\A | ADO-234197 |
Keep previous recovery methods when changing recovery mode like Forest Recovery --> Repromotion --> Forest Recovery | N\A | ADO-234201 |
Every DC in simulation project should have a backup created for this domain controller so all recovery methods are available | N\A | ADO-234203 |
Enhancement | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Support console local storage as a primary storage for copying to Secure Storage server | N/A | ADO-280129 |
Smart instance type selection for Azure virtual machine creation with Restore to Clean OS feature | N/A | ADO-281406 |
In the Secure Storage node provide ability to sort/filter/group backups in the RMAD console | N/A | ADO-278538 |
As a part of server hardening check server and do not allow a domain joined server. Secure Storage agent will not be installed | N/A | ADO-258979 |
Ability to configure volume for backups on Secure Storage server. Default to copy backups to non system drives. | N/A | ADO-276487 |
Option to specify static IPs for Azure virtual machine creation | N/A | ADO-315595 |
Improvement for template selection in Restore to Clean OS | N/A | ADO-297078 |
Support verify for 'Restore to Clean OS' on live DCs, show warning when live DC is contacted | RMADFE-2933 | ADO-218376 |
Show free disk space and warning when space is low for volumes on Secure Storage server | N/A | ADO-227980 |
Recovery Manager for Active Directory 10.2 | ||
The current image file is not recreated if the file is not older than X days and the version of the Forest Recovery agent and network settings are not changed | N\A | ADO-218323 |
Document how to pre-configure clean external DNS server which is used for BMR or Clean OS recovery | RMADFE-3110 | ADO-218435 |
Show computer collection type (system state/BMR) in the RMAD console collections grid | RMADFE-3228 | ADO-218917 |
In "Restore to Clean OS" we need to disable Windows Updates before promoting machine to DC | N\A | ADO-229862 |
Recreate ISO when third-party drivers added or removed | N\A | ADO-230402 |
Log the recovery event with source disk configuration information | N\A | ADO-230457 |
Validate source and target disks layout match | N\A | ADO-230963 |
Resolved Issue | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Allow to unselect Console storage immediately as alternative has been configured | N/A | ADO-220573 |
Large number of scheduled tasks can cause Console, Replication and PowerShell cmdlets to be extremely slow | RMADFE-1837 | ADO-242166 |
RMAD Portal does not show proper backups | N/A | ADO-256164 |
Remove a BOM prefix from the script file | N/A | ADO-257798 |
Error in the web portal logs 'Cannot init EP configuration section' | N/A | ADO-273469 |
Unpacking the backup and the retention policy may fail if the DC cannot be accessed via LDAP from the RMAD console machine | N/A | ADO-279431 |
RPC calls to Backup Agent are not retried on RPC_S_SERVER_TOO_BUSY error | N/A | ADO-314812 |
Misleading 'Unable to map the network share IPC$ on the computer' error mssage on attempt to map UNC share | N/A | ADO-316902 |
Installation fails with an invalid error message when using a local windows credential to connect to the remote SQL server | N/A | ADO-317818 |
'Insufficient rights' error in the web portal fixed.Addition of a domain is now changed to allow all domain admins by default | RMADFE-2437 | ADO-319010 |
Online Restore Wizard cannot undelete an object using a non-administrative account. Restoring an object in Online Restore Wizard using a non-administrative account may result in the following error for NT-Security-Descriptor attribute: "Cannot retrieve attribute value(s) from Active Directory. Possible reason: Insufficient access rights." To ignore this error, the NT-Security-Descriptor attribute can be excluded from the list of restored attributes. | N/A | ADO-293311 |
Recovery Manager for Active Directory 10.2 Hotfix 1 | ||
Installation of Quest personal certificates to the local certificate store failed. Receive error message to install Quest certificates later. This should not be required. | N/A | ADO-274643 |
Computer Collection scheduled tasks removed after upgrade to 10.2 if gMSA used as the scheduled task account | N/A | ADO-280854 |
rmad.db3 file gets overwritten during an uninstall -> install of version 10.2 | N/A | ADO-283069 |
Cannot retain the uncheck "Global Catalog Servers" option in the Advanced tab of the Computer Collection properties window | N/A | ADO-230397 |
It will display 'Network access is denied' error in Win2016/2019 if specify account to restore GPO with "domain\username" format | N/A/ | ADO-233623 |
Cannot see some advanced objects in the object picker in Online Restore Wizard | N/A | ADO-275027 |
Recovery Manager for Active Directory 10.2 | ||
Security Vulnerability - Sensitive comments embedded within client-side code sent to an end user machine | RMADFE-3244 | ADO-218142 |
Security Vulnerability - Runtime hardening (SEP, ASLR and other) | RMADFE-3248 | ADO-218146 |
Full replication fails when a DC is selected for the option 'Unpack each backup upon its creation' in the master console | RMADFE-1858 | ADO-218500 |
Storage agent settings are not applied on install | N\A | ADO-219910 |
No progress/wait indication after clicking 'OK' on the 'Add Console…' dialog | N\A | ADO-224321 |
Backup fails if the Domain Controllers OU has a AzureADKerberos computer object in it as part of Azure AD FIDO deployment | N\A | ADO-227903 |
Improve documentation with information on number of scheduled computer collections for optimal performance | N\A | ADO-232614 |
Access Violation in the ProcessRequest function and crashes service | N\A | ADO-232682 |
Remove mutual exclusion mechansim between replication process and restore process | RMADFE-1575 | ADO-237972 |
Display correct backup info and support restore for Collections with containers (not DCs) | N\A | ADO-240580 |
Retriable VSS error causes undefined behavior in Backup Agent on retry | N\A | ADO-241825 |
Modify the configuration to remove collision problems with SHA1, moved to SHA256 | N\A | ADO-253913 |
Retention policy ignores collection and consider backups of all collections | N\A | ADO-259645 |
Recovery Manager for Active Directory 10.1.1 HF1 | ||
RMAD console crashes while building comparison report. | N\A | ADO-240300 |
Recovery Manager for Active Directory 10.1.1 | ||
Agent-based online restore can result in lsass process crash. | RMADFE-3233 | ADO-218222 |
Unable to restore AD object when user provides smart card PIN and username hint. | RMADFE-3132 | ADO-218574 |
Configuring a backup schedule is disabled when creating a backup from Recover Manager for Active Directory > Create Backup. | RMADFE-3260 | ADO-219136 |
SCOM pack Get Collections call results in Access denied errors. | RMADFE-3025 | ADO-220574 |
Increasing number of scheduled tasks makes Console, Replication, and Cmdlets extremely slow. | RMADFE-1837 | ADO-223040 |
RMAD console crashed due to missing DLL Microsoft.Xaml.Behaviors.dll. | N/A | ADO-226682 |
After restore a User Object Member Of is different than in Active Directory | N/A | ADO-230090 |
Resolved Issue | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Check Forest Health can get stuck on the second step | RMADFE-3041 | ADO-218559 |
New recovery project, selecting a Backup display the adding time in the Backup Age colum instead of backup age | N/A | ADO-237971 |
'There is no PREFERRED_DNS value' error occurs, if no DNS server is found on installing Active Directory | RMADFE-2437 | ADO-242191 |
Feature loss in Forest Edition: Cannot skip a backup for non-authoritative DCs in Sysvol recovery mode | N/A | ADO-245551 |
'There is no PREFERRED_DNS value' error when a 'Select preferred DNS' agent operation did not return a result it causes product to hald and cannot be skipped or aborted | N/A | ADO-253457 |
Resume Forest Recovery show 'Password is incorrect' | N/A | ADO-254788 |
Installing Forest Recovery agent hangs if SMB shares are disabled | N/A | ADO-285225 |
Recovery Manager for Active Directory 10.2 Hotfix 1 | ||
During upgrade a DBImport error occurs when antimalware status data exists. Caused by debug logging on by default. | N/A | ADO-274622 |
GPO Comparison Report is not working | N/A | ADO-278211 |
Recovery Manager for Active Directory 10.2 | ||
Email notification template contains invalid text and status message | N\A | ADO-252659 |
Verification email contains incorrect backup data | N\A | ADO-252866 |
Creating ADVL fails when unable to access VConverter error | N\A | ADO-253382 |
Wrong replication partner is selected in IFM recovery on second phase. IFM failed | N\A | ADO-253681 |
IFM script does not automatically reboot DC after installed AD DS tools. IFM failed | N\A | ADO-253778 |
Install AD moethd on second pahse may fail with "Unable to connect to the replication source" | N\A | ADO-225791 |
IPSec isolation policy was not removed successfully when previous forst recovery is aborted and left dirt data | N\A | ADO-237004 |
IPSec isolation policy was not removed successfully during restore | N\A | ADO-237049 |
The "Reset computer account" operation fails when some other recovery operation failed and retried earlier | RMADFE-2659 | ADO-242197 |
After upgrade from 10.1 to 10.1.1, the Verify Settings in Forest Recovery console send emails with some kind of strange status messages | N\A | ADO-242679 |
Recovery Manager for Active Directory 10.1.1 HF1 | ||
Forest Recovery fails if the only drive encrypted with BitLocker is removed. | N\A | ADO-222308 |
Recovery Manager for Active Directory 10.1.1 | ||
IPv6 based UNC Path support. | RMADFE-3232 | ADO-218913 |
Scanning of all backups does not stop when one of the processes ends urgently. | N/A | ADO-219145 |
Errors when trying to restore SYSVOL: Need to improve the RPC stability. | N/A | ADO-228250 |
ADVL converter returns 500 error. | N/A | ADO-230091 |
Error when booting VM: "Invalid location type. Location accepts only VIDatastore objects." | N/A | ADO-233811 |
Resolved Issue | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Cache and reuse the extracted WinRE images | RMADFE-3206 | ADO-218577 |
Health Check wizard should work after Restore to Clean OS | N/A | ADO-226971 |
Bare Metal Recovery backup does not work with SAN policy set to OfflineAll | RMADFE-1955 | ADO-242174 |
Restore Clean OS failed if original DC has encrypted volumes | RMADFE-2857 | ADO-242202 |
Recreate ISO when third-party drivers added or removed | RMADFE-2928 | ADO-242204 |
Installing Active Directory may fail with access denied due to lack of permissions to write the objects into Computers OU. To workaround, user must set the JoinDomainBeforeInstallAD option to True in FRConsoleSettings.xml file. This will skip joining OU Computers during the promotion of the DC and join it directly to OU Domain Controllers. | RMADFE-3101 | ADO-242598 |
Incorrect filtering of backups on the secure storage server | N/A | ADO-278874 |
Password showing in clear text for event id 403, showing PowerShell script name, the user name, and password | N/A | ADO-281399 |
Project verification with Zero touch configured reboots the working servers to WinRE mode | N/A | ADO-283230 |
Unable to verify settings if Azure virtual machine exists or is shut down | N/A | ADO-304177 |
Forest Recovery with VMWare machine creation fails if source has BIOS firmware and more than one critical disk | N/A | ADO-313724 |
Console crashes if storage server refresh fails when secure storage backups node is selected | N/A | ADO-315182 |
Failed to establish DNS configuration after recovery with Azure virtual machine | N/A | ADO-318396 |
Failed to prepare infrastructure on Azure VM with 'QuestSoftware.RecoveryManager.AD.ForestRecovery.LocalizableException: Cannot find path because it does not exist' message | N/A | ADO-318660 |
Change the warning which explains that the recovery ISO should be dismounted | N/A | ADO-318768 |
Error message prompting the user failed because the host program or the command type does not support user interaction, after failing to create VM in Azure and Retry All operations for a specific DC | N/A | ADO-319038 |
Cannot validate argument on parameter 'VM'. The argument is null or empty | N/A | ADO-319040 |
Unable to access the backup on Azure file share during Clean OS Restore to Azure VMs | N/A | ADO-304022 |
For Azure VM creation, a cloned Infrastructure platform template is not automatically selected on the infrastructure tab after Service Principle generation | N/A | ADO-259493 |
Azure VM creation does not work with Az Powershell module 7.0.0. API changes in Service principal management commandlets used by RMAD. | N/A | ADO-323193 |
Recovery Manager for Active Directory 10.2 Hotfix 1 | ||
Zero touch against Dell server not working. Forward slash in the ISO access credentials is required. | N/A | ADO-274417 |
Integrity check may fail if the storage server is registered using an IP address | N/A | ADO-274471 |
Double backslash in the backup path on the storage server causes failure | N/A | ADO-274472 |
Cannot perform BMR restore in 10.2 if the source machine is BIOS with a SCSI boot volume | N/A | ADO-277893 |
"System.ArgumentException: An item with the same key has already been added" error during BMR recovery when multiple DCs configured to boot using iLO | N/A | ADO-282728 |
Dell and HP ZeroTouch settings are converted to templates on upgrade | N/A | ADO-283208 |
Template selection and configuration usability improvements and clarification with better text | N/A | ADO-297078 |
Recovery Manager for Active Directory 10.2 | ||
An error "Index(zero based) must be greather than" during BMR recovery on the Restore disks step | N\A | ADO-218575 |
When processing Bare Metal Active Directory recovery for Korean Windows, it created error message in 'Run pre-recovery checks' step | N\A | ADO-219702 |
During BMR recovery restart domain controller in normal mode hanging | N\A | ADO-227232 |
"Collection diagnostic data" tool fails to collect data from target machine in Clean OS and BMR modes | N\A | ADO-227427 |
Cannot bind parameter 'DomainMode' to the target error | N\A | ADO-232543 |
DC restored with 'Restore to Clean OS' method from backup without DNS partition should not be selected as Primary DNS server | RMADFE-3100 | ADO-242133 |
Recovery Manager for Active Directory 10.1.1 HF1 | ||
Restore to clean OS fails if original DC has encrypted volumes. | RMADFE-2857 | ADO-232951 |
Recovery Manager for Active Directory 10.1.1 | ||
Impossible to collect an encrypted BMR backup when Bitlocker was hardened by GPOs. | RMADFE-3212 | ADO-218269 |
Cannot create BMR backup for the domain controller with Data Duplication enabled on a non-critical volume. | RMADFE-3211 | ADO-218929 |
Impossible to collect an encrypted BMR backup when GPO "Choose drive encryption method and cipher strength (Windows 10 [Version1511] and later)" is set. | RMADFE-3213 | ADO-219148 |
Error when processing Bare Metal Active Directory Recovery in Forest Recovery Console. | N/A | ADO-222538 |
"Invalid server certificate" error occurs when connecting to vCenter. | N/A | ADO-227404 |
Bare Metal Recovery fails with error "The process terminated unexpectedly" if the target disk is too small. | N/A | ADO-230712 |
Permissions applied based on current documentation and BMR restore does not work - no access to list data stores. | N/A | ADO-232623 |
Recovery Manager for Active Directory fully supports Transport Layer Security (TLS) 1.2. It is recommended that you upgrade to TLS 1.2 for secure communications.
Security Resolved Issue | ID (old) | ID (new) |
---|---|---|
Recovery Manager for Active Directory 10.2.1 | ||
Do not use SHA1 for key derivation function to generate hash for creation of AES-256 key for backup encryption | --- | --- |
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Términos de uso Privacidad Cookie Preference Center