Chat now with support
Chat with Support

Recovery Manager for AD Disaster Recovery Edition 10.1 - User Guide

Overview Getting started
Permissions required to use Recovery Manager for Active Directory Recovery Manager Console Getting and using help Configuring Windows Firewall Using Computer Collections Managing Recovery Manager for Active Directory configuration Licensing
Backing up data
Permissions required for the Backup operation Managing Backup Agent Using a least-privileged user account to back up data Using Managed Service Accounts Active Directory backups vs Windows System State backups Creating BMR and Active Directory backups Using the Backup Wizard Retrying backup creation Enabling backup encryption Backing up AD LDS (ADAM) Backing up cross-domain group membership Backing up distributed file system (DFS) data Backup scheduling Setting performance options Setting advanced backup options Using Forest Recovery Agent Unpacking backups Using e-mail notification Viewing backup creation results
Restoring data
Getting started with Active Directory recovery Managing deleted or recycled objects Restoring backed up Active Directory components Integration with Change Auditor for Active Directory Using granular online restore Restoring AD LDS (ADAM) Selectively restoring Active Directory object attributes Restoring objects in an application directory partition Restoring object quotas Restoring cross-domain group membership Performing a restore without having administrator privileges Reports about objects and operations Using complete offline restore Offline restore implications Restoring SYSVOL authoritatively Performing a granular restore of SYSVOL Recovering Group Policy Restoring data from third-party backups Using the Extract Wizard Restoring passwords and SID history
Full Replication Consolidating backup registration data Monitoring Recovery Manager for Active Directory Recovering an Active Directory forest
Forest recovery overview Deploying Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) Permissions required to use Forest Recovery Console Forest Recovery Console Managing a recovery project Recovery methods Phased recovery Managing Forest Recovery Agent Rebooting domain controllers manually Resetting DSRM Administrator Password Purging Kerberos Tickets Managing the Global Catalog servers Managing FSMO roles Manage DNS Client Settings Configuring Windows Firewall Developing a custom forest recovery plan Backing up domain controllers Assigning a preferred DNS server during recovery Handling DNS servers during recovery Forest recovery approaches Deciding which backups to use Running custom scripts while recovering a forest Overview of steps to recover a forest Viewing forest recovery progress Viewing recovery plan Viewing a report about forest recovery or verify settings operation Handling failed domain controllers Adding a domain controller to a running recovery operation Selectively recovering domains in a forest Recovering SYSVOL Deleting domains during recovery Resuming an interrupted forest recovery Recovering read-only domain controllers (RODCs) Checking forest health Collecting diagnostic data for technical support
Restore Active Directory on Clean OS Bare metal forest recovery Using Management Shell Creating virtual test environments Using Recovery Manager for Active Directory web portal Appendices
Frequently asked questions Best practices for using Computer Collections Technical characteristics Best practices for creating backups Best practices for creating backups for forest recovery Best practices for recovering a forest Descriptions of recovery or verification steps Ports Used by Recovery Manager for Active Directory Forest Edition (Disaster Recovery Edition) Backup Wizard Online Restore Wizard Online Restore Wizard for AD LDS (ADAM) Group Policy Restore Wizard Repair Wizard Extract Wizard Events generated by Recovery Manager for Active Directory Descriptions of PowerShell commands
Add-RMADBackup Add-RMADCollectionItem Add-RMADFEComputer Add-RMADReplicationConsole Add-RMADStorageServer Backup-RMADCollection Close-RMADFEProject Compare-RMADObject Convert-RMADBackup ConvertTo-RMADRecycledObject Create-RMADStorageManagementAgentSetup Expand-RMADBackup Export-RMADBackup Export-RMADFERecoveryCertificate Export-RMADFEResult Get-RMADBackup Get-RMADBackupAgent Get-RMADBackupInfo Get-RMADBackupObject Get-RMADBackupSecurityStatus Get-RMADCollection Get-RMADCollectionItem Get-RMADDeletedObject Get-RMADFEComputer Get-RMADFEConsole Get-RMADFEDnsCache Get-RMADFEDomain Get-RMADFEEvent Get-RMADFEGlobalOptions Get-RMADFEOperation Get-RMADFEPersistenceConnection Get-RMADFEProject Get-RMADFERecoveryAgent Get-RMADFESchedule Get-RMADGlobalOptions Get-RMADLicenseInfo Get-RMADObject Get-RMADReplicationConsole Get-RMADReplicationSchedule Get-RMADReplicationSession Get-RMADReplicationSessionItem Get-RMADReportObject Get-RMADReportObjectAttributes Get-RMADReportObjectChildren Get-RMADReportSession Get-RMADSession Get-RMADSessionItem Get-RMADSessionItemEvent Get-RMADStorageServers Import-RMADBackup Import-RMADFERecoveryCertificate Install-RMADBackupAgent Install-RMADFERecoveryAgent New-RMADCollection New-RMADFEProject New-RMADFERecoveryMedia New-RMADSchedule Open-RMADFEProject Publish-RMADBackupSecurityStatus Remove-RMADBackup Remove-RMADBackupAgent Remove-RMADCollection Remove-RMADCollectionItem Remove-RMADFEComputer Remove-RMADFERecoveryAgent Remove-RMADFESchedule Remove-RMADReplicationConsole Remove-RMADReplicationSchedule Remove-RMADReplicationSession Remove-RMADStorageServer Remove-RMADUnpackedComponent Rename-RMADCollection Restore-RMADDeletedObject Restore-RMADDomainController Restore-RMADObject Resume-RMADFERecovery Save-RMADFEProject Set-RMADCollection Set-RMADFEComputer Set-RMADFEDnsCache Set-RMADFEDomain Set-RMADFEGlobalOptions Set-RMADFEPersistenceConnection Set-RMADFERecoveryMode Set-RMADFESchedule Set-RMADGlobalOptions Set-RMADReplicationConsole Set-RMADReplicationSchedule Start-RMADFERecovery Start-RMADFEVerification Start-RMADReplication Start-RMADReportViewer Stop-RMADFEWorkflow Update-RMADBackupAgent Update-RMADFEProject Update-RMADLicense

Modifying Computer Collection properties

To modify properties for a Computer Collection
  • In the console tree, right-click the Computer Collection, and then click Properties.

The Properties dialog box opens, allowing you to specify what to back up, where to store backups, and what kind of logging to use. In addition, the Properties dialog box allows you to manage the backup creation schedule for the Collection and specify the user account under which the scheduled backup creation operation will run.

All settings specified in the Properties dialog box for a Computer Collection only relate to that Computer Collection. Different Computer Collections may have different properties.

For more information about Computer Collection properties, see Properties for an existing Computer Collection.

 

Deleting Computer Collections

To delete a Computer Collection
  • In the console tree, right-click the Computer Collection you want to delete, and then click Delete.

This only deletes the Computer Collection you selected along with the computer and container shortcuts it includes and the backup creation tasks scheduled for that Computer Collection. The containers, domain controllers, and AD LDS (ADAM) hosts whose shortcuts were added to the Computer Collection are not deleted. Deleting a Computer Collection does not delete the backups that were created for that Collection.

 

Specifying an access account for Backup Agent and backup storage

For each Computer Collection (applicable to all domain controllers within a collection), you can specify a user account that will be used to access the following:

  • Backup Agent that is manually or automatically installed on domain controllers in the Computer Collection. The account is used for the following operations:

    • backup creation

    • discover Backup Agent instances or update Backup Agent information

    • install, upgrade or uninstall Backup Agent instances

  • Locations on target domain controllers or UNC shares where backup files created for the Computer Collection are to be saved. For more information on how to specify these locations, see DC Storage tab section in Properties for an existing Computer Collection.

These credentials are also used to connect to Active Directory in the following cases:

  • Show or refresh the content of collections that contain containers

  • Operate on collections that contain container-items

  • This account is used for backup unpacking only if no account is configured on the DC Storage tab

For example: modifying an exclusion list for a container; installing the Backup Agent from a collection menu, collecting diagnostic data, etc.

To specify an access account

  1. In the Recovery Manager Console tree, select the Computer Collection for which you want to specify an access account.

  2. From the main menu, select Action | Properties.

  3. On the Agent Settings tab, select the Use the following account to access Backup Agent check box.

  4. Click Select Account, and specify the user name and password of the account with which you want to access Backup Agent, backup storages, and global catalog servers.

  5. When finished, click OK.

You can also specify a separate account that will be used to access the backup storage on the DC Storage tab.

If no access account is specified on the Agent Settings tab and no scheduled tasks exist for the Computer Collection, Recovery Manager for Active Directory will use the account under which the Recovery Manager Console is currently running.

If no access account is specified and a backup creation task is scheduled for the Computer Collection, Recovery Manager for Active Directory will use the account under which the scheduled task is run. You can view and change this account on the Schedule tab in the Properties dialog box for a Computer Collection. For more information, see Schedule tab subsection in Properties for an existing Computer Collection.

Note

The scheduled task account is not used to access the DC Storage from the agent side. The agent uses a local system account on a domain controller for this operation.

For additional information about the account requirements, please refer Permissions required for the Backup operation.

 

Adding domain controllers to a Computer Collection

You can add specific domain controllers to a Computer Collection. You can select domain controllers in the details pane after browsing the console tree and selecting the container that holds the domain controllers you want to add. Domains available for a forest are located under the Active Directory/Forest <Name> node; containers are located under domain nodes. You can add forests to the Active Directory node by using the Connect to Forest command on the node’s Action menu. A Computer Collection can hold domain controllers from multiple containers.

To add domain controllers to a selected Computer Collection

  1. Right-click the Computer Collection, point to Add, and then click Domain Controller.

  2. In the Select Computers dialog box, enter the domain controller name or select the domain controller from the list and click OK. The Select Computers dialog box allows you to specify multiple domain controller names.

To add domain controllers to a Computer Collection

  1. Browse the console tree to select the container that holds the domain controllers you want to add.

  2. In the details pane, select the domain controllers you want to add. To select multiple domain controllers, hold down CTRL, and click the domain controllers.

  3. On the Action menu, click Add to Collection.

  4. In the dialog box that opens, select an existing Computer Collection or click New Collection to create and select a new Computer Collection.

  5. In the dialog box, click OK.

Note

Alternatively, you can drag the domain controllers selected in the details pane to the target Computer Collection in the console tree or use the Copy and Paste commands.

You can add domain controllers to a Computer Collection by using an import file that contains a list of domain controller names or IP addresses. Importing domain controllers from a file overcomes the limitations inherent to the Select Computers dialog box and is convenient when you need to add a large group of domain controllers.

An import file is a text file that contains one domain controller name or IP address per line. For example:

123.123.123.123

Domain Controller Name 1

Domain Controller Name 2

213.213.213.213

To add domain controllers by using an import file

  1. Create an import file that contains domain controller names or IP addresses.

  2. Right-click the Computer Collection, point to Add, and then click Import Computers.

  3. Use the Open dialog box to locate and open the import file.

 

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating