How to Perform Active Directory Granular Restores from Rapid Recovery Backups Using Quest RMA (Recovery Manager for Active Directory) (4042008)

If a specific object from the Active Directory was accidentally removed and the AD recycle bin is disabled or the retention policy has removed it, you can use your Rapid Recovery backups to restore the object in question.

Active Directory object deletion.

Requirements:

• Quest Recovery Manager for Active Directory must be installed in a server/workstation joined to the domain to be able to do the restore
• At least a valid trial version of Recovery Manager for Active Directory
• A mounted recovery point from your protected DC.  You can use LMU (Local Mount Utility) to mount the recovery point if the Rapid Recovery core is not joined to the domain

You can download a free trial of Recovery Manager for Active Directory from the following site:
https://www.quest.com/register/54780/

Steps:

1. First, mount the Rapid Recovery backup as writable
2. Open RMA and follow the steps below:

• On the left panel, right click on "Active Directory" and choose "Online Restore Wizard...":

• The wizard window pops up, click "Next":

• Select "Compare, restore, and report changes in Active Directory" and click "Next":

• Click on "Register" and choose the option "Register Offline Active Directory Database...":

• On the next window look for the Dit file, Log files location, and SYSVOl root folder from the recovery point you mounted with Rapid Recovery and click on "OK":

• Dit File: ...\C__\Windows\NTDS\ntds.dit
• Log Files location: It will be automatically populated but they should be under "...\C__\Windows\NTDS"
• SYSVOL root folder: It will be automatically populated but it should be "...\C__\Windows\SYSVOL"

• The AD offline backups should be listed, if no backups are listed go back and click "Next" again:

• Select the target Active Directory (DC server you will restore to) and enter the credentials to authenticate with it.  By default the target DC is the same as the DC from where the backup was taken from: 

Note: If you are using the same DC server to perform the restore, you can remove the checkmark from "Use agentless method to access domain controller":

• If the authentication with the target DC was successful in the previous step, you will be able to select the AD objects you would like to restore.  Click on "Add" and select the options you prefer:

• This window will come up, use it to look for the object you need to restore:

We will explore how the restore process is done with an example:

• In the below AD view we're missing an account called TestUser.  We will use the search window as shown above to restore this account.

• The user account is in the AD DB from the recovery point we had mounted with Rapid Recovery.  After searching for it we select it and click on "OK":

• The selected object will be listed:

• On the following window select "Compare, analyze and, optionally, restore":

• On the next step leave the default options:

• A summary of what will be processed is listed, click "Next":

• Once the process is finished, click "Next":

• Put a checkmark on "Proceed to restore" and click "Next":

• Select the object to be restored and click "Next"

• Select "Restore deleted objects to their original containers (default)" if you want to restore to the same OU where the object was, or select "Specify a destination container for restoration of deleted objects" if you want to restore it into a different OU, then click "Next":

• Once again, leave the default options on this step:

• Set the restored account parameters:

• Click on "Yes":

• Once processed click "Next":

• Click "Next" once again:

• Click on "Finish" to exit the wizard:

• You should now be able to see your restored account in your AD:

Note: The restored user account may be locked out and you'll need to unlock it.