Chatta subito con l'assistenza
Chat con il supporto

Recovery Manager for AD Disaster Recovery Edition 10.3.1 - Release Notes

Known Issues

General Known Issues

Known Issue ID (old) Azure DevOps
Backups may contain invalid FQDNs that are registered automatically, so they cannot be selected in the Forest Recovery Console. Workaround: Use the Active Directory browse method to add the DCs to a collection when creating backups, or perform backup creation for the DCs (with correct FQDN) directly. To use the Active Directory® browse method, click All Domain Controllers in the console tree, right-click a domain controller on the right pane and press Add to Collection. RMADFE-2851 220570
Recovery Manager for Active Directory does not show changes to GPO administrative templates in the GPO comparison report. RMADFE-805 220632
Group Policy restore might fail with the error "Network access is denied” if you run the RMAD console under a local account, and this account has the same username and password as the domain account you use to restore Group Policy in the domain. RMADFE-2162 226664

Forest Recovery Known Issues

Known Issue ID (old) Azure DevOps
When running a BMR project Verify Settings, it succeeds, but when running the actual restore task, the VMs are created, but after running for a while the VMs will blue screen and go into automatic repair mode. A procedure to assist with this issue has been included in the Use Guide in the section, Bare metal recovery requirements and limitations. N\A 378305
Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) does not check version of Forest Recovery Agent inside the ISO image file. N/A 226671
The start type of Windows Defender Firewall service cannot be restored in Windows Server® 2019. N/A 226672
Recovery Manager for Active Directory does not support the use of MSA/gMSA for verification of forest recovery projects by schedule RMADFE-3063 350182
Recovery Manager for Active Directory does not support the use of MSA/gMSA for PowerShell custom scripts on console N/A 363891
Cannot create an encrypted BMR backup if 'Enforce drive encryption type on fixed data drives' policy is set to 'Full encryption' on the domain controller N/A 346181

 

System Requirements

Before installing Recovery Manager for Active Directory, ensure that your system meets the following minimum hardware and software requirements.

NOTE

Recovery Manager for Active Directory supports only IPv4 or mixed IPv4/IPv6 networks.

.

NOTE

Recovery Manager for Active Directory Forest Edition can backup and restore domain controllers that are running on virtual machines in Amazon Web Services (AWS) or Microsoft Azure®. Note that such domain controllers cannot be restored with the Bare Metal Active Directory Recovery method because there is no way to boot them from an ISO image.

Recovery Manager for Active Directory requirements

Processor

Minimum: 2.0 GHz

Recommended: 2.0 GHz or faster

CPU Cores

Minimum: 2 CPU cores

Recommended: 4 CPU cores

Memory

Minimum: 4 GB

Recommended: 8 GB

These figures apply only if the Active Directory domains managed by Recovery Manager for Active Directory include 1 million objects or less. Increase RAM size by 512MB for every additional 1 million objects.

Hard disk space

Full installation including the prerequisite software: 2.7 GB of free disk space

In case all the prerequisite software is already installed: 260 MB of free disk space

NOTE

Additional storage space is required for a backup repository, at least the size of the backed-up Active Directory® database file (Ntds.dit) and the SYSVOL folder plus 40 MB for the transaction log files.

Operating system

NOTE

Machine that hosts the Recovery Manager for Active Directory console must have same or higher version of Windows operating system than the processed domain controllers. Otherwise, the online compare and object search in a backup during the online restore operation may fail.
32-bit operating systems are not supported.

Installation

  • Microsoft Windows Server® 2022, 2019, and 2016

Targets for backup, restore, or compare operations

  • Microsoft Windows Server® 2022, 2019, and 2016 (including Server Core installation)

Microsoft .NET Framework

Microsoft .NET Framework version 4.8 or higher is needed on the console system.

NOTE

Microsoft .NET 4.8 is not required to be installed on the systems where the Forest Recovery and Backup agents are to be installed. The Secure Storage Agent does use .NET and it is recommended to install 4.8 on the Secure Storage system, but the agent will work with older versions.

Microsoft SQL Server and its components

Microsoft SQL Server® versions

Microsoft SQL Server® is required for the following Recovery Manager for Active Directory features: Comparison Reporting and Forest Recovery Persistence.

Supported SQL Server® versions:

  • Microsoft SQL Server® 2022, 2019, 2017, 2016, and 2014 (Enterprise, Business Intelligence, Standard, Express, Web, or Developer Edition)

Microsoft SQL Server® components

Microsoft System CLR Types for SQL Server® 2014
If this component is not installed, it will be installed automatically by the RMAD setup.

Microsoft SQL Server Reporting Services

To display reports, Recovery Manager for Active Directory can integrate with Microsoft SQL Server® Reporting Services (SRSS) 2016, 2017, 2019, and 2022.

Microsoft Windows PowerShell

Microsoft Windows PowerShell® version 5.0 or later

Integration with Change Auditor for Active Directory

Supported versions of Change Auditor for Active Directory: from 6.x to 7.x.

If any prerequisite software is not installed, the Setup program automatically installs it for you before installing Recovery Manager for Active Directory. If the prerequisite software to be installed is not included in this release package, it is automatically downloaded.

Continuous recovery: From version 10.0.1, Recovery Manager for Active Directory together with Change Auditor can restore the deleted object(s) and continuously restores the last change (if any) that was made to the object attributes after creating the backup, using the data from the Change Auditor database.

Antivirus software that is supported for backup antimalware checks

The anti-virus checks are performed on the Forest Recovery Console machine running Windows Server 2016 or higher by means of antivirus software installed on the machine.

  • Microsoft Defender

  • Symantec™ Endpoint Protection 14.x

  • Broadcom Endpoint Security (former name: Symantec™ Endpoint Protection 15)

Supported server management systems

  • Integrated Dell™ Remote Access Controller (iDRAC) 8 and 9

  • HPE® ProLiant® iLO Management Engine (iLO) 3, 4 and 5

  • VMware vCenter® / VMware ESX® Server 6.0, 6.5, 6.7, 7.0 and 8.0

  • Microsoft Hyper-V® Server 2016 or higher

Forest Recovery Agent requirements

Memory

1 GB (2 GB recommended)

Hard disk space

2 GB or more

Operating system

One of the following operating systems:

  • Microsoft Windows Server® 2022, 2019, and 2016 (including Server Core installation)

Secure Storage Server requirements

Processor

Minimum: 2.0 GHz

Recommended: 2.0 GHz or faster

CPU Cores

Minimum: 2 CPU Cores

Recommended: 4 CPU Cores

Memory

Minimum: 4 GB

Recommended: 8 GB

  • Operating system: Microsoft Windows® 2016 or higher (including Server Core installation).
  • A stand-alone server to be used as your Secure Storage server. This server should be a workgroup server and not joined to an Active Directory domain.
  • An account that will be used to deploy the Storage Agent on the Secure Storage server. This account must also be a local Administrator on the Secure Storage server.
  • Physical access to the Secure Storage server. Once the server is hardened access with regular methods will be disabled.
  • Sufficient storage space on the Secure Storage server for all backup files. For one backup file, the space required is at least the size of the backed-up Active Directory® database file (Ntds.dit) and the SYSVOL folder plus 40 MB for the transaction log files.

Cloud Storage requirements

  • Internet access available on the Recovery Manager for Active Directory console. A standard outbound HTTPS port 443 is used to upload data to Azure® Blob and Amazon S3 Storage.
  • Azure and Amazon S3 subscription(s) to create and manage Azure and Amazon S3 Storage accounts and containers.
  • A method of creating and managing Azure and Amazon S3 Storage accounts, containers, and policies for the storage account (lifecycle, immutability and replication policies).

VMware vCenter® / VMware ESX® Server 6.0, 6.5, 6.7, 7.0 and 8.0

  • Active Directory Virtual Lab does not support conversion of Windows Server® 2019 Domain Controllers using VMWare ESXi™ / VMware vCenter® server.

  • Active Directory Virtual Lab does not support VMware ESXi™ 6.0.

  • VMware vCenter® Converter™ 6.2 must be installed in your environment using the Client-Server installation setup option.

  • VMware vCenter® Converter™ must be accessible to the Active Directory Virtual Lab.

  • If the TLS 1.0 protocol is disabled on VMware vCenter® Converter™ and VMware vCenter® servers, then switch to TLS 1.2 on the ADVL server. For more details, see the following KB articles:

Password and SIDHistory Recoverability Tool

You can only use the Password and SIDHistory Recoverability Tool if Microsoft's Active Directory Recycle Bin is not enabled in your environment.

 

Product Licensing

The Recovery Manager for Active Directory(RMAD) license specifies the licensed number of user accounts in the Active Directory domains protected with the product. If the actual number of user accounts exceeds the licensed number, RMAD does not stop functioning but displays a warning message each time you back up data. In this case, you need to purchase and install a new license key file allowing you to back up a greater number of user accounts or revoke licenses from the domains whose backups you no longer need.

To view information about and manage the installed license key file, you can use the License tab in the About dialog box: in the Recovery Manager Console, right-click the Recovery Manager console tree root, and then click About.

Installing license key file

You need to supply a valid license key file when installing Recovery Manager for Active Directory.

To install a license key file
  1. In the Setup Wizard, on the User Information page, click Browse license to display the Select License File dialog box.

  2. Locate the Quest license file (*.dlv) and click Open.

Updating license key file

If you have purchased a new license key file, use the Recovery Manager Console to update the license key file.

To update the license key file
  1. In the Recovery Manager Console, right-click the Recovery Manager for Active Directory console tree root, and then click About.

  2. In the About dialog box, click the License tab, and then click Install License File.

  3. In the Update License dialog box, enter the path and name of the license key file, and then click OK.

Revoking licenses

When the actual number of user accounts exceeds the licensed number, Recovery Manager for Active Directory returns a warning message each time you back up data. In this case, you can revoke licenses from the domains whose backups you no longer need. The revoked licenses are returned to the pool of available licenses and you can allocate them to a different domain.

Caution

When you revoke licenses from a domain, all backups created by Recovery Manager for Active Directory for that domain get deleted. You should only revoke licenses from a domain if you no longer need backups created for that domain.

To revoke licenses from a domain
  1. In the console tree, right-click the root node, and then click About.

  2. In the About dialog box, click the License tab.

  3. On the License tab, select the domain from the License Usage list, and then click Revoke.

  4. In the confirmation message box, click Yes.

 

Getting Started

Upgrade and installation instructions

NOTE

For Recovery Manager for Active Directory 10.1 or higher: Make sure that you use the Backup Agent version supplied with this release of Recovery Manager for Active Directory.

Recovery Manager for Active Directory(RMAD) supports a direct upgrade from version 10.1 and higher. If you have an earlier version of RMAD, the best practice is to upgrade the product to any of the supported versions, and then upgrade it to the latest version.

Alternatively, you can install the latest version of RMAD on a new clean machine and perform a full replication. The Full replication feature allows you to create a full copy of the primary Recovery Manager console settings on the new console instance. This option is supported starting from Recovery Manager for Active Directory version 9.0.1. For details, see the Full Replication section in User Guide.

For Recovery Manager for Active Directory Disaster Recovery Edition, after upgrade of Recovery Manager for Active Directory, upgrade the Secure Storage agent on the Secure Storage server to the same version. With a hardened Secure Storage server, Recovery Manager for Active Directory does not automatically upgrade the agent and this must be completed with console (physical) access to the server.

NOTE

Microsoft SQL Server 2016 Express is now included with Recovery Manager for Active Directory. Microsoft SQL Server 2016 Express introduces new functionality from Microsoft that enables Customer Experience Improvement Program (CEIP) and at the same time, by default, communicates data back to Microsoft such as IP address, username, email, and location. To disable this telemetry activity that reports back to Microsoft, follow instructions found at Configure usage and diagnostic data collection for SQL Server (CEIP)
You can review a complete list of sub-processors and our privacy policy at https://support.quest.com/subprocessor.

Additional resources

Additional information is available from the following:

 

Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione