In order to backup and restore an untrusted domain and its objects, please follow the steps below:
- Create a new computer collection for the untrusted domain DCs, add the DCs you want
- Right click each DC added and install the backup agent, use credentials from the foreign domain when prompted
- Right click the computer collection and click on Properties
- On the “Agent Settings” tab, specify the account from the foreign domain that will be used to access the backup agent
- On the “Agent Settings” tab, make sure to check the “Use preinstalled Backup Agent” checkbox
- If you want to shcedule the backups, please consider scheduled backups will run with a service account from the local domain (in which RMAD is installed), this account has to be a local administrator on the machine in order to run scheduled backups
- To store backups on UNC share of foreign domain, the account used to connect to the backup agent will be used to access the share, change the settings on the "DC Storage" tab to specify the shared path and make sure the service account can access the share.
Make sure the firewall will allow the restore operation using the selected restore method (agentless or agent-based), the restore agent cannot be manually installed like the backup agent. For further information on how to properly configre Windows Firewall, check KB article 51897 (https://support.quest.com/recovery-manager-for-ad/kb/51897).
The online restore wizard will ask for an account able to write to AD to restore the objects, this account can be a member of the Backup Operators group of the foreign domain.