Please consider the following behavior of the Recovery Manager Portal:
By default, the permissions to restore or undelete objects in an Active Directory domain are only granted to the members of the Domain Admins group in that domain. However, you can delegate the restore or undelete permissions to the portal users you want. For more information, see Delegating restore or undelete permissions.
By default, the Recovery Manager Portal uses the agent-based method for all search and restore operations, regardless of the settings configured on the Recovery Manager for Active Directory instance used to perform these operations. For more information about the agent-based method, see Agent-based method in Using agentless or agent-based method. You can change the portal settings to use the agentless method.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Configuration tab.
Expand Portal Settings, and then select the Use agentless method for all search and restore operations check box.
To undelete an Active Directory object, the Recovery Manager Portal uses Microsoft’s Active Directory Recycle Bin feature if it is enabled in the target forest. If this feature is unavailable, the Recovery Manager Portal restores the object from the latest available unpacked backup that includes the object before its deletion.
You can use On Demand Recovery to restore on-premises objects that are synchronized with cloud.
What can be restored using the hybrid configuration
On-premises groups
Office 365 licenses (assignedLicenses property for cloud users) and cloud group membership
Deleted on-premises users and groups
Service principals' appRoleAssignments to on-premises users
appRoleAssignments to non-Office groups (used for SSO and App Roles)
Directory roles: Global administrator, Exchange administrator, Compliance administrator
Other cloud-only properties: such as Block sign in, Authentication contact information, Minors and Consent
Multi-factor authentication (MFA) settings if a customer uses cloud MFA
Azure application custom attributes (schema extension attributes)
IMPORTANT |
To configure the hybrid connection, outbound HTTPS (port 443) should be opened in the firewall on the machine where Recovery Manager Portal is installed. |
Depending on which kind of restore operation (agent-based or agentless) you are going to perform in a hybrid configuration, the account under which you want the selected Recovery Manager for Active Directory instance to recover data in the domain must meet the corresponding requirements. For details about account permissions for agent-based and agentless restore, see Permissions required to use Recovery Manager for Active Directory.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Configuration tab.
Expand Portal Settings and click On Demand integration…
In the On Demand Recovery integration dialog, select Enable integration check box and specify Relay URL and credentials. To get these parameters, please go to On Demand Recovery and perform the following steps:
a. On the Dashboard screen, click Create hybrid connection.
b. In the Create hybrid connection dialog, click Download hybrid credentials to download a configuration file with Relay credentials.
c. Save the file to the folder of your choice.
d. Go back to the On Demand integration dialog, click Choose file and select the configuration file. For security reasons, you should remove this file from your computer after the credentials will be specified in Recovery Manager Portal.
NOTE |
Azure AD Connect synchronization occurs automatically after the restore operation. But On Demand Recovery has the ability to force synchronization cycle and requires credentials for the machine where Azure AD Connect is installed. |
You may get an error related to the proxy settings while configuring integration with On Demand Recovery. To resolve this issue, perform the following actions:
Open the Recovery Manager Portal configuration file %Program Files%\Quest\Recovery Manager Portal\EnterprisePortalSettings.xml.
Check that "ProxyAddress" has the correct value.
Make sure that URI contains the protocol prefix and the port number, e.g. http:/localhost:8080/.
Restart the Recovery Manager Portal service.
For more information about integration with On Demand Recovery, please see the Integration with Recovery Manager for Active Directory section in the On Demand product documentation.
You can view the health summary for the Recovery Manager for Active Directory instances with which the portal is configured to work. To view the health summary, you must be assigned a specific role in the Recovery Manager Portal. For more information, see Assigning roles to portal users.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Monitoring tab.
Expand the Health Summary node to view the health summary.
You can view backup creation history for a particular instance of the Recovery Manager for Active Directory with which the Recovery Manager Portal is configured to work. To view backup creation history, you must be assigned a specific role in the Recovery Manager Portal. For more information, see Assigning roles to portal users.
The backup creation history displays the date when a particular backup was created, the backup operation duration, the size of the created backup and whether the backup is encrypted. You can also view the name of the computer hosting the Recovery Manager for Active Directory instance that created the backup, the name of backed up Computer Collection and backed up computer.
Connect to the Recovery Manager Portal with your Web browser.
In the Recovery Manager Portal, open the Monitoring tab.
Expand the Backup History node to view the list of existing backups. If the backup is encrypted, this will be indicated in the 'Size' column.
You can use the provided search box to find a specific entry in the list.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center