Chatta subito con l'assistenza
Chat con il supporto

Disaster Recovery for Identity Current - for Active Directory User Guide

Forests

Once you start adding forests in Disaster Recovery for Identity for Active Directory, a tile will appear on the Forests tab representing each forest. Each tile displays the status of the forest, a summary of its scope, and actions links.

Status

This section displays information on the status of a current or latest discovery, backup, verification, and recovery. For a newly added forest, you can run a discovery by selecting Run Discovery. For more information on verification and recovery statuses, see Recovery Plan Tiles.

Forest Summary

This section shows the number of domains and domain controllers (DCs) in the forest discovered during the last topology discovery run. Select View Topology to see more details.

Hybrid Agent

This section displays the name and FQDN of the hybrid agent and indicates if the hybrid agent is both connected and online. For more information on hybrid agents, including how to add a hybrid agent, refer to the Managing your Microsoft Entra tenants and on-premises domains section in the On Demand Global Settings User Guide. You can configure the agent by selecting Manage Agent.

Action Bar Buttons

You can perform the following actions using the action bar at the top of the page:

  • Add Forest – Add an Active Directory forest into Disaster Recovery for Identity for Active Directory. For more information, see Adding and Configuring a Forest.
  • RMAD Compatibility – View information on how Disaster Recovery for Identity for Active Directory and Recovery Manager for Active Directory (RMAD) work in the same environment. For more information, see Compatibility with Recovery Manager for Active Directory (RMAD) FE/DRE.
  • About Agents - View an information panel to learn more about hybrid agents and domain controller agents.
Action Links

You can use the links on the bottom of the card to perform the following actions:

  • View – See details about the forest configuration in Disaster Recovery for Identity for Active Directory, including the name, associated hybrid agent, account used to perform topology discovery, and agent proxy settings.
  • Edit – Change the forest configuration in Disaster Recovery for Identity for Active Directory, including the name, associated hybrid agent, credentials used to perform topology discovery, and agent proxy settings.
  • Remove – Delete the forest from Disaster Recovery for Identity for Active Directory.

    NOTE: If you delete the forest, all backups created by Disaster Recovery for Identity for Active Directory will no longer be available.

NOTE: While topology discovery, backup, or Recovery Plans are in progress, you cannot edit or remove the forest.

Adding and Configuring a Forest

To start using Disaster Recovery for Identity for Active Directory, you will need to add your Active Directory forest into the product.

Each Active Directory forest you plan to back up and restore needs to be added into Disaster Recovery for Identity for Active Directory. Forests in Disaster Recovery for Identity for Active Directory are isolated from each other; each forest has its own topology, agent management, Backup Plans, and Recovery Plans.

Each forest also needs to have its own hybrid agent to facilitate communication between the product and on-premises domain controller agents.

In this section:

Creating and Installing a Hybrid Agent

Before you add a forest into Disaster Recovery for Identity for Active Directory, a hybrid agent will need to be installed on-premises. A hybrid agent is used to securely communicate with any installed on-premises domain controller (DC) agents. To facilitate communication with your environment, a hybrid agent must be manually installed on-premises. To do this:

  1. Log in to On Demand using the credentials you used to sign up for On Demand.
  2. In the navigation panel on the left, select Tenants.
  3. Select Hybrid Agents.
  4. Select Add agent.
  5. Go to the Adding an on-premises agent section in the On Demand Global Settings User Guide and follow the instructions to download and install the hybrid agent.

    NOTE: If you enable LDAPS during installation of the hybrid agent by entering Y when prompted to enable SSL/TLS encryption on LDAP queries, LDAPS queries are used when running topology discovery. Topology discovery will fail if the LDAPS queries are unsuccessful. For more information, see Topology Discovery.

  1. When the hybrid agent is selected for a forest in Disaster Recovery for Identity for Active Directory, the agent configuration is automatically set to include the action "Recovery for Active Directory". For more information, see Adding a Forest into Disaster Recovery for Identity for Active Directory.

Adding a Forest into Disaster Recovery for Identity for Active Directory

To add a forest

  1. On the Forests tab, select Add Forest.
  2. Enter a unique name to identify the forest.
  1. Select the hybrid agent you created from the drop down menu.

NOTES:

  • Agents already assigned to a forest are not displayed in the drop down menu.
  • Only a single hybrid agent per forest is currently supported.
  1. Enter the Active Directory domain username and password that will be used to discover Active Directory domains and domain controllers.

NOTES:

  • The entered domain\username should have at least forest-wide read permissions.
  • When using a standalone agent, provide the domain FQDN\username.
  1. Select the internet access configuration to be used by domain controller agents to upload and download backups by choosing a proxy configuration.  You can use one of the following options:
    1. System proxy configuration – Selected by default, this option uses the proxy settings configured on the machine to access the Internet.
    2. Manually configured proxy – Manually specify the server address and port in the relevant boxes.
  2. Select Save. After the forest is added, run a discovery of your Active Directory forest by selecting Run Discovery either on the tile for the newly created forest or on the Topology page.

NOTE: To prevent unexpected behavior, add an Active Directory forest into On Demand only once.

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione