You can assign specific roles to the Recovery Manager Portal users. A role assigned to a user defines the Recovery Manager Portal user interface elements and functionality available to that user. You can only assign portal roles by using the account under which the Recovery Manager Portal was installed. By default, this account is granted all portal roles.
To assign portal roles, you can use local security groups existing on the computer where the Recovery Manager Portal is installed. By adding or removing members in these groups you can define the scope of authority for a portal user and the operations that the user can perform in the Recovery Manager Portal.
The local security groups are as follows:
Recovery Manager Portal - Configuration Admins. Members in this group have permissions to modify the Recovery Manager Portal configuration and delegate restore permissions to other Recovery Manager Portal users.
Recovery Manager Portal - Recovery Operators. Members in this group have permissions to restore or undelete Active Directory objects by using the Recovery Manager Portal.
Recovery Manager Portal - Undelete Operators. Members in this group have permissions to undelete Active Directory objects by using the Recovery Manager Portal.
Recovery Manager Portal - Monitoring Operators. Members in this group can view the health summary and backup creation history for the Recovery Manager for Active Directory instances with which the portal is configured to work.
You can delegate permissions to restore or undelete objects in specific Active Directory containers to the users or groups of your choice. These users or groups must reside in the Active Directory forest where the Recovery Manager Portal is installed and be assigned an appropriate portal role. For more information about portal roles, see Assigning roles to portal users.
To delegate restore permissions, you also must have a specific role in the Recovery Manager Portal. For details, see Assigning roles to portal users.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Configuration tab.
Expand Active Directory Domains.
Click the name of the domain that includes the containers on which you want to delegate permissions.
Click Configure a list of delegates, and then expand the domain entry.
Click the container on which you want to delegate permissions.
Click Add, to specify delegates to the Users or groups list.
In the dialog that opens, you can find and add users and groups from any trusted domain in the Active Directory forest.
Below the Users and groups list, select the operations you want to grant or deny to the added users or groups.
When you are finished, click OK. If necessary, repeat steps 6-9 for other containers in the domain.
You can configure the Recovery Manager Portal to send notification e-mails to specific recipients when the health state of any Recovery Manager for Active Directory instance with which the Recovery Manager Portal is configured to work changes from healthy to unhealthy or vice versa.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Configuration tab.
Expand Portal Settings, and then click E-mail notification.
Use the following options in the dialog box that opens:
Outgoing SMTP server. Type the fully qualified domain name (FQDN) or IP address of the SMTP server you want to use for sending notification e-mails.
SMTP port. Type the number of the port on which you want to connect to the server.
Sender e-mail address. Type the e-mail address you want to display in the From field of all notification e-mail messages.
Notification recipients. Here you can specify a list of notification recipients. To specify multiple values, use semicolon as the separator.
User name and password. Type the user name and password of the user account you want to use to send notification e-mails from the SMTP server. The account must have the appropriate permissions.
When you are finished, click OK to apply your settings.
Please consider the following behavior of the Recovery Manager Portal:
By default, the permissions to restore or undelete objects in an Active Directory domain are only granted to the members of the Domain Admins group in that domain. However, you can delegate the restore or undelete permissions to the portal users you want. For more information, see Delegating restore or undelete permissions.
By default, the Recovery Manager Portal uses the agent-based method for all search and restore operations, regardless of the settings configured on the Recovery Manager for Active Directory instance used to perform these operations. For more information about the agent-based method, see Agent-based method in Using agentless or agent-based method. You can change the portal settings to use the agentless method.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Configuration tab.
Expand Portal Settings, and then select the Use agentless method for all search and restore operations check box.
To undelete an Active Directory object, the Recovery Manager Portal uses Microsoft’s Active Directory Recycle Bin feature if it is enabled in the target forest. If this feature is unavailable, the Recovery Manager Portal restores the object from the latest available unpacked backup that includes the object before its deletion.
© ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center