Known Issue | ID (old) | Azure DevOps |
---|---|---|
Backups may contain invalid FQDNs that are registered automatically, so they cannot be selected in the Forest Recovery Console. Workaround: Use the Active Directory browse method to add the DCs to a collection when creating backups, or perform backup creation for the DCs (with correct FQDN) directly. To use the Active Directory® browse method, click All Domain Controllers in the console tree, right-click a domain controller on the right pane and press Add to Collection. | RMADFE-2851 | 220570 |
Recovery Manager for Active Directory does not show changes to GPO administrative templates in the GPO comparison report. | RMADFE-805 | 220632 |
Group Policy restore might fail with the error "Network access is denied” if you run the RMAD console under a local account, and this account has the same username and password as the domain account you use to restore Group Policy in the domain. | RMADFE-2162 | 226664 |
Known Issue | ID (old) | Azure DevOps |
---|---|---|
Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) does not check version of Forest Recovery Agent inside the ISO image file. | N/A | 226671 |
The start type of Windows Defender Firewall service cannot be restored in Windows Server® 2019. | N/A | 226672 |
Recovery Manager for Active Directory does not support the use of MSA/gMSA for verification of forest recovery projects by schedule | RMADFE-3063 | 350182 |
Recovery Manager for Active Directory does not support the use of MSA/gMSA for PowerShell custom scripts on console | N/A | 363891 |
Cannot create an encrypted BMR backup if 'Enforce drive encryption type on fixed data drives' policy is set to 'Full encryption' on the domain controller | N/A | 346181 |
Before installing Recovery Manager for Active Directory, ensure that your system meets the following minimum hardware and software requirements.
NOTE |
Recovery Manager for Active Directory supports only IPv4 or mixed IPv4/IPv6 networks. |
.
NOTE |
Recovery Manager for Active Directory Forest Edition can backup and restore domain controllers that are running on virtual machines in Amazon Web Services (AWS) or Microsoft Azure®. Note that such domain controllers cannot be restored with the Bare Metal Active Directory Recovery method because there is no way to boot them from an ISO image. |
Minimum: 1.4 GHz
Recommended: 2.0 GHz or faster
Minimum: 2 CPU cores
Recommended: 4 CPU cores
Minimum: 2 GB
Recommended: 4 GB
These figures apply only if the Active Directory domains managed by Recovery Manager for Active Directory include 1 million objects or less. Increase RAM size by 512MB for every additional 1 million objects.
Full installation including the prerequisite software: 2.7 GB of free disk space
In case all the prerequisite software is already installed: 260 MB of free disk space
NOTE |
Additional storage space is required for a backup repository, at least the size of the backed-up Active Directory® database file (Ntds.dit) and the SYSVOL folder plus 40 MB for the transaction log files. |
NOTE |
Machine that hosts the Recovery Manager for Active Directory console must have same or higher version of Windows operating system than the processed domain controllers. Otherwise, the online compare and object search in a backup during the online restore operation may fail. |
Installation
Targets for backup, restore, or compare operations
The Windows Server Backup feature is supported for Windows Server® 2012 R2 or higher. Make sure that the feature is installed on all domain controllers in your environment.
NOTE |
Windows Server® 2012 requires Microsoft .NET Framework version 4.8 or higher installed. See the following Microsoft article for instructions on installation: Microsoft .NET Framework 4.8 for Windows Server 2012 |
Microsoft .NET Framework version 4.8 or higher
Microsoft SQL Server® versions
Microsoft SQL Server® is required for the following Recovery Manager for Active Directory features: Comparison Reporting and Forest Recovery Persistence.
Supported SQL Server® versions:
Microsoft SQL Server® components
Microsoft System CLR Types for SQL Server® 2012
If this component is not installed, it will be installed automatically by the RMAD setup.
Microsoft SQL Server Reporting Services
To display reports, Recovery Manager for Active Directory can integrate with Microsoft SQL Server® Reporting Services (SRSS) 2016, 2017 and 2019.
Supported Microsoft Operations Managers for the RMAD Management Pack for Microsoft Center Operations Manager (SCOM):
Microsoft Windows PowerShell® version 5.0 or later
Supported versions of Change Auditor for Active Directory: from 6.x to 7.x.
If any prerequisite software is not installed, the Setup program automatically installs it for you before installing Recovery Manager for Active Directory. If the prerequisite software to be installed is not included in this release package, it is automatically downloaded.
Continuous recovery: From version 10.0.1, Recovery Manager for Active Directory together with Change Auditor can restore the deleted object(s) and continuously restores the last change (if any) that was made to the object attributes after creating the backup, using the data from the Change Auditor database.
The anti-virus checks are performed on the Forest Recovery Console machine running Windows Server 2016 or higher by means of antivirus software installed on the machine.
Microsoft Defender
Symantec™ Endpoint Protection 14.x
Broadcom Endpoint Security (former name: Symantec™ Endpoint Protection 15)
Integrated Dell™ Remote Access Controller (iDRAC) 8 and 9
HPE® ProLiant® iLO Management Engine (iLO) 3, 4 and 5
VMware vCenter® / VMware ESX® Server 6.0, 6.5, 6.7 and 7.0
Microsoft Hyper-V® Server 2012 or higher
1 GB (2 GB recommended)
2 GB or more
One of the following operating systems:
Minimum: 1.4 GHz
Recommended: 2.0 GHz or faster
Minimum: 2 CPU Cores
Recommended: 4 CPU Cores
Minimum: 2 GB
Recommended: 4 GB
Active Directory Virtual Lab does not support conversion of Windows Server® 2019 Domain Controllers using VMWare ESXi™ / VMware vCenter® server.
Active Directory Virtual Lab does not support VMware ESXi™ 6.0.
VMware vCenter® Converter™ 6.2 must be installed in your environment using the Client-Server installation setup option.
VMware vCenter® Converter™ must be accessible to the Active Directory Virtual Lab.
If the TLS 1.0 protocol is disabled on VMware vCenter® Converter™ and VMware vCenter® servers, then switch to TLS 1.2 on the ADVL server. For more details, see the following KB articles:
You can only use the Password and SIDHistory Recoverability Tool if Microsoft's Active Directory Recycle Bin is not enabled in your environment.
The Recovery Manager for Active Directory(RMAD) license specifies the licensed number of user accounts in the Active Directory domains protected with the product. If the actual number of user accounts exceeds the licensed number, RMAD does not stop functioning but displays a warning message each time you back up data. In this case, you need to purchase and install a new license key file allowing you to back up a greater number of user accounts or revoke licenses from the domains whose backups you no longer need.
To view information about and manage the installed license key file, you can use the License tab in the About dialog box: in the Recovery Manager Console, right-click the Recovery Manager console tree root, and then click About.
You need to supply a valid license key file when installing Recovery Manager for Active Directory.
In the Setup Wizard, on the User Information page, click Browse license to display the Select License File dialog box.
Locate the Quest license file (*.dlv) and click Open.
If you have purchased a new license key file, use the Recovery Manager Console to update the license key file.
In the Recovery Manager Console, right-click the Recovery Manager for Active Directory console tree root, and then click About.
In the About dialog box, click the License tab, and then click Install License File.
In the Update License dialog box, enter the path and name of the license key file, and then click OK.
When the actual number of user accounts exceeds the licensed number, Recovery Manager for Active Directory returns a warning message each time you back up data. In this case, you can revoke licenses from the domains whose backups you no longer need. The revoked licenses are returned to the pool of available licenses and you can allocate them to a different domain.
Caution |
When you revoke licenses from a domain, all backups created by Recovery Manager for Active Directory for that domain get deleted. You should only revoke licenses from a domain if you no longer need backups created for that domain. |
In the console tree, right-click the root node, and then click About.
In the About dialog box, click the License tab.
On the License tab, select the domain from the License Usage list, and then click Revoke.
In the confirmation message box, click Yes.
NOTE |
For Recovery Manager for Active Directory 10.1 or higher: Make sure that you use the Backup Agent version supplied with this release of Recovery Manager for Active Directory. |
Recovery Manager for Active Directory(RMAD) supports a direct upgrade from version 10.0 and higher. If you have an earlier version of RMAD, the best practice is to upgrade the product to any of the supported versions, and then upgrade it to the latest version.
Alternatively, you can install the latest version of RMAD on a new clean machine and perform a full replication. The Full replication feature allows you to create a full copy of the primary Recovery Manager console settings on the new console instance. This option is supported starting from Recovery Manager for Active Directory version 9.0.1. For details, see the Full Replication section in User Guide.
For Recovery Manager for Active Directory Disaster Recovery Edition, after upgrade of Recovery Manager for Active Directory it is recommended to upgrade the Secure Storage agent on the Secure Storage server to the same version. With a hardened Secure Storage server, Recovery Manager for Active Directory does not automatically upgrade the agent and this must be completed with console (physical) access to the server.
NOTE |
The Secure Storage server agent will continue to function when its version does not match the version of the RMAD console but new functionality may be lost. |
Additional information is available from the following:
Online product documentation Support Portal
Recovery Manager Community https://www.quest.com/community/products/recovery-manager/f/forum
© ALL RIGHTS RESERVED. 利用規約 プライバシー Cookie Preference Center