On this tab, you can configure e-mail notification settings. Recovery Manager for Active Directory (RMAD) will use these settings to send notification e-mails about backup creation sessions.
This tab provides the following options:
Service Type Select SMTP Authentication or Exchange OAuth2 for Microsoft 365 Exchange Online.
SMTP Authentication
To set up email notifications for Exchange, specify the following for SMTP Authentication:
SMTP server. Provides a space for you to specify the SMTP server for outgoing messages.
SMTP port. Provides a space for you to specify the port number (default port for SMTP is 25) to connect to on your outgoing mail (SMTP) server.
From address. Provides a space for you to specify the return address for your e-mail notification messages. It is recommended that you specify the e-mail address of the RMAD administrator.
SMTP server requires authentication. When selected, specifies that you must log on to your outgoing mail server.
User. Provides a space for you to specify the account name used to log on to the SMTP server.
Password. Provides a space for you to specify the user password.
Use Secure Sockets Layer (SSL) to encrypt the connection. Allows you to use SSL when accessing the e-mail server.
Exchange OAuth2 Authentication
To set up email notifications for Microsoft 365 Exchange Online, you need to register Recovery Manager for Active Directory with Azure Active Directory. For steps to create and manage your Azure Active Directory application see Registering Recovery Manager for Microsoft 365 Exchange Online Email Notifications.
From address. Provides a space for you to specify the return address for your email notification messages. It is recommended that you specify the e-mail address of the RMAD administrator.
Application (client) ID. Provide the application (client) ID for the Azure Active Directory application created for Recovery Manager for Active Directory email notifications.
Directory (tenant) ID. Provide the directory (tenant) ID for the Azure Active Directory application created for Recovery Manager for Active Directory email notifications.
Certificate Thumprint. Provide the certificate thumbprint for the Azure Active Directory application created for Recovery Manager for Active Directory email notifications.
Test Settings. Sends a test notification message to the address set in the “From” address text box. Use this button to verify that the specified e-mail notification settings are valid.
For more information, see Using e-mail notification.
To use email notifications using Microsoft 365 Exchange Online, you need to register Recovery Manager for Active Directory with Azure Active Directory. During the registration process, the required variables are generated. These variables are used when you configure OAuth2 authentication.
Log into the Azure Active Directory portal (https://portal.azure.com) with your global administrator user account.
In the Microsoft Azure dashboard, go to Azure Active Directory | App Registrations, and click New Registration.
Enter a name for the application.
Under Supported account types, select Accounts in this organizational directory only (Single tenant) for the accounts that can access the application API.
IMPORTANT: It is highly recommended that the application does not have access to all mailboxes. For more information about how to limit the application access to all mailboxes see the article Limiting application permissions to specific Exchange Online mailboxes.
Leave the Redirect URI (optional) field empty.
Click Register.
On the Overview tab, go to View API Permissions. Click Add a permission, click Microsoft Graph | Application Permissions and add the Mail.ReadWrite and Mail.Send permissions. See Microsoft documentation for details on limiting permissions to specific Exchange Online mailboxes. (Note: The Enforce approver account validation option found when configuring email notifications will not function if you select to follow the Microsoft article to restrict access to a single mailbox.)
Click Add Permission.
On the API Permission tab, under Grant consent, click Grant admin consent for tenant name.
Click Yes to confirm.
On the preview screen, click Overview, and note the application ID and the directory ID. (You will need these values when setting up OAuth authentication.)
Go to Azure Active Directory - Roles and administrators and assign the Exchange Administrator role for the application you created in previous steps.
The Azure Active Directory application requires a certificate for authentication. Go to Certificates & secrets, select Upload Certificate and upload the required file.
Recovery Manager for Active Directory requires the certificate to be copied to the machine where the Recovery Manager console is installed. The certificate should be stored in the local certificate store.
To import the certificate on the console machine:
NOTE |
Once OAuth2 authentication is set up, Recovery Manager for Active Directory saves the Application (client) ID, Directory (tenant) ID, and Certificate thumbprint in the registry. It is located in the registry path: "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Quest\Recovery Manager for Active Directory\Options\Email". |
On this tab, you can configure diagnostic logging to write detailed information about the activity of RMAD to log files.
This tab provides the following options:
Caution |
Diagnostic logging can be resource intensive, affecting overall server performance and consuming disk space. Therefore, it should only be used temporarily when more detailed information is needed to isolate and resolve possible problems or to monitor the activity of RMAD on your server. |
Log files location. Specifies the location where to create the log files. The default location is C:\ProgramData\Quest\Recovery Manager for Active Directory\Logs.
Create a new set of log files. Use this list to define how often (default Daily) to create a new set of log files. Each new set of log files is placed in a separate subfolder in the log files location.
On this tab, you can specify TCP ports that will be used by Recovery Manager Console to communicate with Backup Agent, Restore Agents and Management Agent.
This tab provides the following options:
Backup Agent
Online Restore Agent
Automatically configure Windows Firewall If this option is selected, Windows Firewall settings will be configured automatically for the operations performed by Online Restore Agent.
Connect to Online Restore Agent using a specific TCP port. Allows you to specify the TCP port number that will be used to connect to Online Restore Agent installed on a target domain controller. If the option is not selected, RPC dynamic port range is used by default.
Offline Restore Agent
Automatically configure Windows Firewall If this option is selected, Windows Firewall settings will be configured automatically for the operations performed by Offline Restore Agent.
Connect to Offline Restore Agent using a specific TCP port. Allows you to specify the TCP port number that will be used to connect to Offline Restore Agent installed on a target domain controller. If the option is not selected, RPC dynamic port range is used by default.
Management Agent
Automatically configure Windows Firewall If this option is selected, Windows Firewall settings will be configured automatically for the operations performed by Management Agent.
Connect to Management Agent using a specific TCP port. Allows you to specify the TCP port number that will be used to connect to Management Agent installed on a target domain controller. If the option is not selected, RPC dynamic port range is used by default.
© ALL RIGHTS RESERVED. Conditions d’utilisation Confidentialité Cookie Preference Center