These release notes provide information about the Quest® Recovery Manager for Active Directory 10.3.2 release.
Recovery Manager for Active Directory enables fast, online recovery. Comparison reports highlight what objects and attributes have been changed and deleted in Active Directory enabling efficient, focused recovery at the object or attribute level. Accurate backups and a quicker recovery enable you to reduce the time and costs associated with AD outages and reduce the impact on users throughout your organization.
Recovery Manager for Active Directory is based on patented technology.
Recovery Manager for Active Directory 10.3.2 is a release with new features and functionality. See New Features and Enhancements.
This section covers new features and enhancements in Quest® Recovery Manager for Active Directory 10.3.2.
Event logging has been enhanced for actions that are performed in the RMAD console and Forest Recovery Console. Using the event viewer, actions on computer collections, forest recovery projects and much more can be audited.
New ability to create virtual machines in Microsoft Hyper-V or VMWare ESXi and use the Restore Active Directory® to Clean OS recovery method or the Install Active Directory recovery method. To configure Microsoft Hyper-V or VMWare ESXi, new infrastructure templates are available.
With the 10.3.2 release, a new guide is available detailing all security information for Recovery Manager for Active Directory. This guide contains details on network communications, encryption algorithms, protection of data and much more.
Recovery Manager for Active Directory version 10.3.2 now supports the operating system Microsoft Windows Server 2025 for product installation, backups and recovery.
Ability to create virtual machines in Azure, Microsoft Hyper-V and VMWare ESXi when using Install AD and Install from Media recovery methods. RMAD automatically creates the virtual machine and installs the Operating System using the provided image and settings from the Forest Recovery project and metadata in the backup.
Using the phased recovery feature in Recovery Manager for Active Directory, you can now run the phase 2 (repromotion) without phase 1 to recover domain controllers directly through Repromotion method, providing even more flexibility to your forest recovery project.
Using the forest recovery project, manage your Active Directory by automating the promotion of domain controllers. New feature allows you to use the recovery process to promote standalone servers to domain controllers either as an operational task in a healthy environment or as part of the AD recovery.
| Enhancement | ID (old) | Azure DevOps |
|---|---|---|
| Recovery Manager for Active Directory 10.3.2 | ||
| Increase event viewer logging for console actions | 234185 | |
| INTEGRITY CHECKS: Backups on remote storage must be checked by the backup agent | 445485 | |
| Allow multi-select when using "Register Backup File" in RMAD and FR consoles | 463748 | |
| Password Complexity Check on Backup Encryption Password | 473827 | |
| Replication engine should enforce backup retention policy | 500287 | |
| DNS forwarder zone information is lost when reading backup computer info | 533935 | |
| Allow for blank backup access credentials when backup is located on DC | 539083 | |
| Recovery Manager for Active Directory 10.3.1 Hotfix 3 | ||
| Use different method other than SMB for "Get information about computer from backup" during recovery | N/A | 506275 |
| Support restore from backup in no NTLM environment when backup stored on DC | N/A | 506551 |
| Recovery Manager for Active Directory 10.3.1 | ||
| Create new PowerShell cmdlet - Remove-RMADSession cmdlet | N/A | 370687 |
| Email notifications during integrity checks | N/A | 395979 |
| Allow to add a folder path for Forest Recovery projects to be included in backup | N/A | 396047 |
| Add support for US government GCC high accounts in exchange Oauth2 notifications | N/A | 402135 |
| Add collection Name/Id to PowerShell script parameters | N/A | 410125 |
| Allow to ignore missing/malfunctioning VSS writers | N/A | 412323 |
| Deprecate SCOM | N/A | 416078 |
| Diagnostic log BackupAgent64 - Allow for threshold on file size and overwrite | N/A | 418052 |
| Use remote storage credentials to access the backup storage when running integrity check for backups located on a domain controller | N/A | 421517 |
| Add an option to disable automatic checking of manual and scheduled backups | N/A | 429365 |
| Remove Support for 2012 and 2012 R2 from supported operating systems and SQL Server 2012 | N/A | 437548 |
| Support using of LocalSystem account in scheduled backup | N/A | 437699 |
| Recovery Manager for Active Directory 10.3 | ||
| Salting mechanism for forest recovery project password hashes | N/A | 412667 |
| Show AD tombstone lifetime settings somewhere in a product UI | N/A | 353685 |
| Allow for password complexity | N/A | 253917 |
| BackupAgent does not respect global logging setting 'Create a new set of log files: Never' on the DC side. | N/A | 381957 |
| TLS 1.2 - Enforce in Hybrid Connect Service for communication to On Demand | N/A | 384624 |
| Resolved Issues | ID (old) | Azure DevOps |
|---|---|---|
| Recovery Manager for Active Directory 10.3.2 | ||
| Performance difference between local and remote storage | N/A | 370691 |
| IFM method store temporary extracted backup on C:\ drive instead of Temp folder | N/A | 488677 |
| Log rotation interval not working as expected with logs found in root log folder | N/A | 515418 |
| Intermittent backup failures with error: Failed to connect to backup agent: Access is denied | N/A | 532286 |
| The DIT Database component cannot be backed up because the NTDS VSS writer is unavailable or does not work properly | N/A | 539934 |
| Recovery Manager for Active Directory 10.3.1 Hotfix 3 | ||
| Change "Full" to "AD" in "Retain recent backups" | N/A | 513320 |
| Domain recovery deletes DNS conditional forwarder to root domain | N/A | 519110 |
| RMAD Console "The server threw an exception" when accessing computer collection settings Advanced Run Scripts after moving database to a new host | N/A | 523958 |
| Recovery Manager for Active Directory 10.3.1 Hotfix 2 | ||
| DNS should cleanup all non-relevant NS records | N/A | 487775 |
| Handle null values which can be returned from Change Auditor database query | N/A | 498663 |
| Static Analysis Security Issue: Out-of-bounds read/access for ud3convert | N/A | 498947 |
| Hybrid Restore Service: Time zone settings set to UTC - (negative offset) causes ODR restore objects fail with "No results received from the agent". | N/A | 504110 |
| Hybrid Restore Service: Issue with database upgrade when upgrading RMAD product | N/A | 505343 |
| Recovery Manager for Active Directory 10.3.1 Hotfix 1 | ||
| Hybrid Restore Service: Timezone and region settings set to UTC+ causes ODR Diff restore objects to hang on "Synchronizing object changes with Azure AD" | N/A | 444355 |
| Expand-RMADBackup crashes when it's executed simultaneously for multiple backups | N/A | 465177 |
| Poor performance of backup replication in Full Mode | N/A | 472789 |
| Invalid Version String in the rmad.db3 crashes the Console | N/A | 478037 |
| Correct User Guide about permissions required for online restore | N/A | 480678 |
| Disable IPv6 loopback for AD integrated DNS server | N/A | 487979 |
| Child domain forest-wide DNS zone gets wrong IP address | N/A | 487991 |
| Recovery Manager for Active Directory 10.3.1 | ||
| FSMO roles doesn't removed from non-recovered DC | N/A | 408607 |
| OnlineRestoreAgent.msi uninstalls Backup agent on DC if Backup agent exists. Backup agent also uninstalls ORA on DC if exists before install Backup Agent. | N/A | 421201 |
| Perform integrity check after scheduled backup' option works incorrectly | N/A | 430626 |
| GPO Comparison Report error: "Uncaught Reference Error: Enumerator is not defined" | N/A | 431908 |
| Using Online Restore Wizard, any GPO Comparison Reports do not show the changes/differences because the information is hidden | N/A | 434960 |
| Do not store user account credential in the task for scheduled console config backup | N/A | 437559 |
| Too long replication in full mode | N/A | 438621 |
| Restore-RMADDeletedObject cmdlet throws "Invalid Password Cannot decrypt data" when backup is not accessible - improve error message | N/A | 440174 |
| DC side PowerShell script account requires SeInteractiveLogonRight, or the logon will fail. | N/A | 444542 |
| Get information about computer from Backup takes too long to fail if backup access credentials are incorrect | N/A | 448638 |
| When forest domain is forest-wide replicated all DCs in forest should use its DC as primary DNS server | N/A | 468637 |
| Email notifications: SMTP authentication long password truncated after saving and reopening Recovery Manager Settings dialog | N/A | 470665 |
| Recovery Manager for Active Directory 10.3 Hotfix 2 | ||
| Online Restore Agent attempts to connect to a wrong domain controller when trying to perform an online recovery | N/A | 431481 |
| Integrity checks of collections with backups to be stored in Azure Files (SMB share) fail. | N/A | 435383 |
| RMAD console crashes during Online Restore Wizard for AD LDS (ADAM) due to large number of objects. | N/A | 437753 |
| Online restore is failing with the error: Failed to create a remote object. DCOM configuration required. | N/A | 440746 |
| Support gMSA accounts for scheduled collections when "Network access: Do not allow storage of passwords and credentials for network authentication" is enabled. | N/A | 444925 |
| Recovery Manager for Active Directory 10.3 Hotfix 1 | ||
| Cleanup CNAME DC record | RMADFE-2746 | 242105 |
| Hybrid Restore selection is not being verified in installer when remote SQL and windows creds are being used. | N/A | 359203 |
| Online Restore Wizard: "Objects to Be Processed" Add button browse not working properly | N/A | 411383 |
| New-RMADSchedule cmdlet doesn't support several weeks trigger | N/A | 414124 |
| Read zone info from inconsistent/partial registry key | N/A | 419904 |
| Hybrid restore may fail with the 'database is locked' error when restoring 50..100 objects | N/A | 424314 |
| Apply Group Policy step hangs if root domain DNS zone is forest-wide replicated | N/A | 427816 |
| Recovery Manager for Active Directory 10.3 | ||
| Online Restore Wizard: Reporting on Unchanged Objects | N/A | 377277 |
| Incorrect email subject message after unsuccessful/incomplete recovery | N/A | 406720 |
| Computer Column - Timing column for the backup jobs to assist users in estimating job lengths | N/A | 351058 |
| When the Additional path is offline, then a job that's only using local-storage completes with a warning. With Remote Storage, the job fails with an error. | N/A | 370690 |
| ISO boot fails with a BSOD on Windows 2022 lab. To fix the issue, you need to add the latest cumulative update (any update after 7C-KB5015879) into WinRE.wim. Download the LCU September 13, 2022 — KB5017316 (OS Build 20348.1006) (microsoft.com). See the Quest Knowledge Base article KB4368806 for commands that need to be run. | N/A | 376632 |
| Online Restore Wizard Directory object not found when restoring with old 2012 R2 backup to 2019 DC | N/A | 380226 |
| Issue with install - invalid SQL hostname during install/upgrade | N/A | 388182 |
| FSMO Roles are not displayed in the recovery report after restore | N/A | 376235 |
| Tab order on SQL Installer page is wrong | N/A | 397266 |
Recovery Manager for Active Directory fully supports Transport Layer Security (TLS) 1.2. It is recommended that you upgrade to TLS 1.2 for secure communications.
| Security Resolved Issue | ID (old) | Azure DevOps |
|---|---|---|
| Recovery Manager for Active Directory 10.3.1 Hotfix 3 | ||
| Insecure SSL/TLS: bad certificate verifier - CWE-295, CWE-296, CWE-300 | N/A | 498948 |
| Recovery Manager for Active Directory 10.3 | ||
| Salting mechanism for forest recovery project and ADVL project password hashes | N/A | 412667 |
| Enforce password complexity on Forest Recovery project | N/A | 253917 |
| TLS 1.2 - Enforce in Hybrid Connect Service for communication to On Demand | N/A | 384624 |
© ALL RIGHTS RESERVED. Termini di utilizzo Privacy Cookie Preference Center
