Chat now with support
Chat with Support

Recovery Manager for AD Disaster Recovery Edition 10.2.2 - Release Notes

Release Notes

These release notes provide information about the Quest® Recovery Manager for Active Directory Disaster Recovery Edition 10.2.2 release.

About Quest® Recovery Manager for Active Directory Disaster Recovery Edition 10.2.2

Recovery Manager for Active Directory enables fast, online recovery. Comparison reports highlight what objects and attributes have been changed and deleted in Active Directory enabling efficient, focused recovery at the object or attribute level. Accurate backups and a quicker recovery enable you to reduce the time and costs associated with AD outages and reduce the impact on users throughout your organization.

Recovery Manager for Active Directory is based on patented technology.

Recovery Manager for Active Directory 10.2.2 is a release with new features and functionality. See New Features and Enhancements.

 

New Features and Enhancements

This section covers new features and enhancements in Quest® Recovery Manager for Active Directory 10.2.2.

Major Features


AWS S3 Cloud Storage

Recovery Manager for Active Directory Disaster Recovery Edition provides the ability to set up and use dedicated cloud storage locations for backups. Cloud Storage in combination with Tier 1 storage options ensure that your critical backups are always available in case of disaster.

Recovery Manager for Active Directory Disaster Recovery Edition 10.2.2 introduces support for Amazon Web Services (AWS) S3 storage.

In Recovery Manager for Active Directory Disaster Recovery Edition, RMAD PowerShell® cmdlets are available to add, edit and remove the AWS S3 Cloud Storage.

Pause Recovery for Remediation

A recovery in Directory Services Restore Mode (DSRM) can now be paused during the recovery for remediation. A new Malware Remediation tab has been introduced in the Forest Recovery console and has options to allow the user to make choices for scanning of malware or server maintenance during recovery.

The feature pauses the recovery during Directory Services Restore mode (DSRM) before the domain controller is restarted into normal mode allowing users to perform maintenance and run their own scans using third party tools and/or remediate if malware found. Pause recovery in DSRM to perform maintenance tasks can be enabled for specific domain controllers by selecting the option from the Malware Remediation tab from each domain controller in the project, or for all domain controllers in the entire domain/forest.

Secure Storage Server Maintenance

New support for Secure Storage server maintenance without unhardening via PowerShell® cmdlets.

New On Demand Recovery Integration and Deprecation of Recovery Manager Portal

Recovery Manager for Active Directory is introducing a new configuration UI for Integration with On Demand Recovery. Configuration is available with a new node, Hybrid Recovery, in the Recovery Manager console. To enable integration with On Demand Recovery, see the section on the Hybrid Connector in the RMAD User Guide for further information on settings. To support hybrid recovery and communication with On Demand Recovery a new service is available – Quest Recovery Manager Hybrid Connection. To install the new service, select the installer option Recovery Manager Hybrid Connection during installation of the Recovery Manager server and console.

The Recovery Manager Portal, which enabled intranet users to use a Web browser to access the search and restore functionality is being deprecated. By providing configuration for On Demand Recovery Integration in the Recovery Manager console, installation and setup of the Recovery Manager Portal is no longer required to have Hybrid recovery support. There will not be a 10.2.2 version of the Recovery Manager Portal. Backward compatibility will be supported to continue to use earlier versions of the portal with an upgraded Recovery Manager server.

The new Hybrid Connector can be configured via the RMAD PowerShell® API.

Microsoft .NET 4.8 Requirement

Recovery Manager for Active Directory needs Microsoft .NET 4.8 as a requirement for install. A check is performed during installation to confirm .NET 4.8 is install on the system. If not, a pop up dialog will appear requesting .NET 4.8 be installed on the system.

Full support for Group Managed Service Accounts (gMSA)

Full support for group Managed Service Accounts (gMSA) is now available for use in Recovery Manager for Active Directory, Recovery Manager for Active Directory Forest Edition and Recovery Manager for Active Directory Disaster Recovery Edition. This support includes but is not limited to, gMSA accounts to verify FE projects by schedule; use a gMSA account from one domain as the agent account for backing up DCs in a different domain; replication for console connection; gMSA for setting up replication; and gMSA to run PS custom scripts.

Enhancements

General

Enhancement ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.2
Improve message the error while creating remote DCOM object failed because "Access is denied" N/A 263396
Cannot restore a user from a backup that requires credentials for accessing it N/A 267022
Support GMSA account type to run PS custom script (Agent side only) N/A 317648
Installation option for hybrid service in the main product setup N/A 346507
New hybrid configuration Powershell API N/A 346513
Installer check updated for .NET 4.8 N/A 349988
Full support for GMSA accounts for RMAD DRE/FE/Standard N/A 352707
Support for Windows 2022 with exceptions. See User Guide N/A 363862
Recovery Manager for Active Directory 10.2.1
Usability improvements to the Computer Collections Properties dialog including removal of Logging tab and introduction of new tab for Secondary Storage N/A 283362
Creation of Management Shell Guide which lists all available PowerShell® cmdlets, with examples. Appendix removed from User Guide N/A 275100
Recovery Manager for Active Directory 10.2
Rename system state backups to Active Directory® backups RMADFE-3009 218405
Hide the "Components" tab in computer collection settings RMADFE-3042 218415
SCOM 2019 support N/A 219783
Pass through Synchronize across time zones from windows task scheduler to RMAD RMADFE-952 220703
Create Logs Daily to be on by default N/A 223980
Display operating system version for all backups N/A 228741

Forest Recovery Edition

Enhancement ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.1
Automatically enable File and Printer Sharing on the clean OS machine when installing FR agent RMADFE-2778 242106
RMAD Console and Forest Recovery Agent cannot read AD configuration with more than 1000 sites N/A 274279
Recovery Manager for Active Directory 10.2
Forest Recovery simulation mode available RMADFE-920 218277
The 'View Recovery Report' action should be available as one of the post recovery dialog actions RMADFE-3034 218413
Encrypt credentials in Forest Recovery project using AESCryptoServiceProvider instead of TripleDESCryptoServiceProvider RMADFE-2199 220948
Allow RMAD backup to continue if forest recovery agent cannot be installed N/A 221433
Set default global catalog handling option to "Keep GC Intact" N/A 223871
Show 'object's tombstone is expired' detailed warning in the Online Restore Wizard RMADFE-1613 223987
Default recovery method to the Repromotion phase should be "Install AD", not "ReinstallAD" N/A 234195
Tool to update backup creation date in simulation projects N/A 234197
Keep previous recovery methods when changing recovery mode like Forest Recovery --> Repromotion --> Forest Recovery N/A 234201
Every DC in simulation project should have a backup created for this domain controller so all recovery methods are available N/A 234203

Disaster Recovery Edition

Enhancement ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.2
Allow UI to configure different criteria for BMR backups vs system state backups N/A 318213
As a RMAD DRE user I have an option to add and remove an AWS S3 storage location under the storage node N/A 329448
As a RMAD PowerShell user I can use a PowerShell cmdlet to add/remove/edit AWS S3 storage N/A 329452
Ability to pause recovery in DSRM mode N/A 333756
Secure Storage: support secure storage server maintenance without unhardening N/A 353018
Forest level option to pause recovery in DSRM mode N/A 358283
Recovery Manager for Active Directory 10.2.1
Support console local storage as a primary storage for copying to Secure Storage server N/A 280129
Smart instance type selection for Azure virtual machine creation with Restore to Clean OS feature N/A 281406
In the Secure Storage node provide ability to sort/filter/group backups in the RMAD console N/A 278538
As a part of server hardening check server and do not allow a domain joined server. Secure Storage agent will not be installed N/A 258979
Ability to configure volume for backups on Secure Storage server. Default to copy backups to non system drives. N/A 276487
Option to specify static IPs for Azure virtual machine creation N/A 315595
Improvement for template selection in Restore to Clean OS N/A 297078
Support verify for 'Restore to Clean OS' on live DCs, show warning when live DC is contacted RMADFE-2933 218376
Show free disk space and warning when space is low for volumes on Secure Storage server N/A 227980
Recovery Manager for Active Directory 10.2
The current image file is not recreated if the file is not older than X days and the version of the Forest Recovery agent and network settings are not changed N/A 218323
Document how to pre-configure clean external DNS server which is used for BMR or Clean OS recovery RMADFE-3110 218435
Show computer collection type (system state/BMR) in the RMAD console collections grid RMADFE-3228 218917
In "Restore to Clean OS" we need to disable Windows Updates before promoting machine to DC N/A 229862
Recreate ISO when third-party drivers added or removed N/A 230402
Log the recovery event with source disk configuration information N/A 230457
Validate source and target disks layout match N/A 230963

 

Resolved Issues

General Resolved Issues

Resolved Issues ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.2
RMAD replication doesn't work with Group Managed Service Account (gMSA) configured for console connection RMADFE-2594 242195
gMSA cannot be used when setting up replication RMADFE-2519 242560
Use a gMSA account from one domain as the agent account for backing up DCs in a different domain does not work N/A 265197
RMAD not finding backups requested by ODR in different timezones N/A 316404
BackupAgent does not respect global logging setting "Create a new set of log files: Never" N/A 322747
Update DisksInfoProvider to be more current and ignore unnecessary drive types N/A 323924
ERDiskAD.mdb does not get imported, gets overwritten by blank rmad.db3 when installing the new version. N/A 352421
A v10.2.1 pre-installed backup agent fails when backup is requested by a v10.1.1 console N/A 353765
Updating backup agent fails if custom port is configured. N/A 354851
Global settings dialog has a slightly broken layout on several tabs N/A 358457
RMAD Console - Replication: Backup information is not being cleaned out of the console when it no longer exists on source N/A 359553
RMAD Console: Diagnostic Logging drop-down reverts to Global Settings when enabled within Advanced settings of Computer Collection N/A 363140
Installer log messages are truncated N/A 364258
Recovery Manager for Active Directory 10.2.1 Hotfix 2
RMAD Console Replication error (XML error) during replication when backup runs on master console N/A 351462
Cleanup of metadata during restore of an unprotection object failed from accidental deletion N/A 354567
RMAD Console: Diagnostic Logging drop-down reverts to Global Settings when enabled within Advanced settings of Computer Collection N/A 363140
RMAD build 10.2.1.36279 will not install and triggers MS Defender notification N/A 366313
Recovery Manager for Active Directory 10.2.1 Hotfix1
Error with diagram explaining Change Auditor integration N/A 323348
GMSA workflow in the documentation is reportedly missing steps N/A 325726
Cannot retry a snapshot if certain errors occurred while creating a backup N/A 330733
Recovery Manager for Active Directory 10.2.1
Allow to unselect Console storage immediately as alternative has been configured N/A 220573
Large number of scheduled tasks can cause Console, Replication and PowerShell cmdlets to be extremely slow RMADFE-1837 242166
Remove a BOM prefix from the script file N/A 257798
Unpacking the backup and the retention policy may fail if the DC cannot be accessed via LDAP from the RMAD console machine N/A 279431
RPC calls to Backup Agent are not retried on RPC_S_SERVER_TOO_BUSY error N/A 314812
Misleading 'Unable to map the network share IPC$ on the computer' error message on attempt to map UNC share N/A 316902
Installation fails with an invalid error message when using a local windows credential to connect to the remote SQL server N/A 317818
Online Restore Wizard cannot undelete an object using a non-administrative
account. Restoring an object in Online Restore Wizard using a
non-administrative account may result in the following error for NT-Security-Descriptor attribute: "Cannot retrieve attribute value(s) from Active Directory. Possible reason: Insufficient access rights." To ignore this error, the NT-Security-Descriptor attribute can be excluded from the list of restored attributes.
N/A 293311
Recovery Manager for Active Directory 10.2 Hotfix 1
Installation of Quest personal certificates to the local certificate store failed. Receive error message to install Quest certificates later. This should not be required. N/A 274643
Computer Collection scheduled tasks removed after upgrade to 10.2 if gMSA used as the scheduled task account N/A 280854
rmad.db3 file gets overwritten during an uninstall -> install of version 10.2 N/A 283069
Cannot retain the uncheck "Global Catalog Servers" option in the Advanced tab of the Computer Collection properties window N/A 230397
It will display 'Network access is denied' error in Win2016/2019 if specify account to restore GPO with "domain\username" format N/A/ 233623
Cannot see some advanced objects in the object picker in Online Restore Wizard N/A 275027
Recovery Manager for Active Directory 10.2
Security Vulnerability - Sensitive comments embedded within client-side code sent to an end user machine RMADFE-3244 218142
Security Vulnerability - Runtime hardening (SEP, ASLR and other) RMADFE-3248 218146
Full replication fails when a DC is selected for the option 'Unpack each backup upon its creation' in the master console RMADFE-1858 218500
Storage agent settings are not applied on install N/A 219910
No progress/wait indication after clicking 'OK' on the 'Add Console…' dialog N/A 224321
Backup fails if the Domain Controllers OU has a AzureADKerberos computer object in it as part of Azure AD FIDO deployment N/A 227903
Improve documentation with information on number of scheduled computer collections for optimal performance N/A 232614
Access Violation in the ProcessRequest function and crashes service N/A 232682
Remove mutual exclusion mechanism between replication process and restore process RMADFE-1575 237972
Display correct backup info and support restore for Collections with containers (not DCs) N/A 240580
Retriable VSS error causes undefined behavior in Backup Agent on retry N/A 241825
Modify the configuration to remove collision problems with SHA1, moved to SHA256 N/A 253913
Retention policy ignores collection and consider backups of all collections N/A 259645

Forest Recovery Resolved Issues

Resolved Issue ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.2
Installing Forest Recovery agent hangs if SMB shares are disabled N/A 285225
Antivirus scanning failed with 'Path too long' error N/A 324610
FRConsole broken due to undocumented new System Requirements for FR Console N/A 325287
FR Console Crashes after recovery cancellation N/A 363341
Recovery Manager for Active Directory 10.2.1 Hotfix 2
Install AD/IFM operation may fail unable to bind replicationPartner parameter N/A 356459
Recovery Manager for Active Directory 10.2.1 Hotfix1
Forest Recovery Console takes a long time to apply backup selection criteria N/A 322570
Online Restore Wizard cannot connect to Change Auditor database if the agent-based method is selected N/A 325775
Verify Setting may fail at pre-recovery checking DSRM password N/A 328446
Protect object from accidental deletion prevents Metadata Cleanup from removing DC computer object N/A 330979
Recovery Manager for Active Directory 10.2.1
Check Forest Health can get stuck on the second step RMADFE-3041 218559
New recovery project, selecting a Backup display the adding time in the Backup Age column instead of backup age N/A 237971
'There is no PREFERRED_DNS value' error occurs, if no DNS server is found on installing Active Directory RMADFE-2437 242191
Feature loss in Forest Edition: Cannot skip a backup for non-authoritative DCs in Sysvol recovery mode N/A 245551
'There is no PREFERRED_DNS value' error when a 'Select preferred DNS' agent operation did not return a result it causes product to halt and cannot be skipped or aborted N/A 253457
Resume Forest Recovery show 'Password is incorrect' N/A 254788
Installing Forest Recovery agent hangs if SMB shares are disabled N/A 285225
Recovery Manager for Active Directory 10.2 Hotfix 1
During upgrade a DBImport error occurs when antimalware status data exists. Caused by debug logging on by default. N/A 274622
GPO Comparison Report is not working N/A 278211
Recovery Manager for Active Directory 10.2
Email notification template contains invalid text and status message N/A 252659
Verification email contains incorrect backup data N/A 252866
Creating ADVL fails when unable to access VConverter error N/A 253382
Wrong replication partner is selected in IFM recovery on second phase. IFM failed N/A 253681
IFM script does not automatically reboot DC after installed AD DS tools. IFM failed N/A 253778
Install AD method on second phase may fail with "Unable to connect to the replication source" N/A 225791
IPSec isolation policy was not removed successfully when previous forest recovery is aborted and left dirt data N/A 237004
IPSec isolation policy was not removed successfully during restore N/A 237049
The "Reset computer account" operation fails when some other recovery operation failed and retried earlier RMADFE-2659 242197
After upgrade from 10.1 to 10.1.1, the Verify Settings in Forest Recovery console send emails with some kind of strange status messages N/A 242679

Disaster Recovery Resolved Issues

Resolved Issue ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.2
Online restore with agent failed with the error code "The operation completed successfully" N/A 231815
Replication health check hangs if some replication neighbors cannot be contacted RMADFE-2841 242201
The "Ensure that domain controller isolation is disabled" Clean OS operation might stuck N/A 273396
Unisolate step hangs indefinitely during Clean OS recovery if FW turned on by GPO N/A 320773
Azure VM creation fails on generating service principal with "cannot call method on a null-valued expression" N/A 333691
Windows Server Backup (BMR) Verify doesn't work on non-English windows N/A 355867
Unable to install Secure Storage Agent on non-English server N/A 361135
Clean OS recovery. Ensure Sysvol replication engine is initialized completely before proceeding to backup recovery N/A 363117
Mapping of same share takes a long time in sequential order if it has already been mapped under another user N/A 364473
Azure VM creation: Unable to configure VPN connection if target network has multiple subnets N/A 364504
Automatic boot of VMWare VM may fail on uploading ISO file to the datastore N/A 364508
Recovery Manager for Active Directory 10.2.1 Hotfix 2
Restore to clean OS may fail with "More data is available" error N/A 323968
Verification fails with 80+ AD DCs in parallel N/A 346048
Recovery Manager for Active Directory 10.2.1 Hotfix1
RMAD VSS backup might be corrupted, no errors is reported RMADFE-2794 242199
BMR recovery may fail at ISO image creation with "Access to the share path is denied" error N/A 321726
Regression on 220573: Should allow Console Storage unselection immediately N/A 324331
Wrong disk free space calculation in Clean OS verify and recovery workflows N/A 324353
Secure Storage Server - copying multiple backups at same time to new secure storage server folder can lead to error N/A 326044
"EFI secure boot could be enabled only on EFI firmware" error when creating VMWare virtual machine N/A 329480
Fix "Including additional volumes to a BMR backup" documentation N/A 348727
Recovery Manager for Active Directory 10.2.1
Cache and reuse the extracted WinRE images RMADFE-3206 218577
Health Check wizard should work after Restore to Clean OS N/A 226971
Bare Metal Recovery backup does not work with SAN policy set to OfflineAll RMADFE-1955 242174
Restore Clean OS failed if original DC has encrypted volumes RMADFE-2857 242202
Recreate ISO when third-party drivers added or removed RMADFE-2928 242204
Installing Active Directory may fail with access denied due to lack of permissions to write the objects into Computers OU. To workaround, user must set the JoinDomainBeforeInstallAD option to True in FRConsoleSettings.xml file. This will skip joining OU Computers during the promotion of the DC and join it directly to OU Domain Controllers. RMADFE-3101 242598
Incorrect filtering of backups on the secure storage server N/A 278874
Password showing in clear text for event id 403, showing PowerShell script name, the user name, and password N/A 281399
Project verification with Zero touch configured reboots the working servers to WinRE mode N/A 283230
Unable to verify settings if Azure virtual machine exists or is shut down N/A 304177
Forest Recovery with VMWare machine creation fails if source has BIOS firmware and more than one critical disk N/A 313724
Console crashes if storage server refresh fails when secure storage backups node is selected N/A 315182
Failed to establish DNS configuration after recovery with Azure virtual machine N/A 318396
Failed to prepare infrastructure on Azure VM with 'QuestSoftware.RecoveryManager.AD.ForestRecovery.LocalizableException: Cannot find path because it does not exist' message N/A 318660
Change the warning which explains that the recovery ISO should be dismounted N/A 318768
Error message prompting the user failed because the host program or the command type does not support user interaction, after failing to create VM in Azure and Retry All operations for a specific DC N/A 319038
Cannot validate argument on parameter 'VM'. The argument is null or empty N/A 319040
Unable to access the backup on Azure file share during Clean OS Restore to Azure VMs N/A 304022
For Azure VM creation, a cloned Infrastructure platform template is not automatically selected on the infrastructure tab after Service Principle generation N/A 259493
Azure VM creation does not work with Az Powershell module 7.0.0. API changes in Service principal management cmdlets used by RMAD. N/A 323193
Recovery Manager for Active Directory 10.2 Hotfix 1
Zero touch against Dell server not working. Forward slash in the ISO access credentials is required. N/A 274417
Integrity check may fail if the storage server is registered using an IP address N/A 274471
Double backslash in the backup path on the storage server causes failure N/A 274472
Cannot perform BMR restore in 10.2 if the source machine is BIOS with a SCSI boot volume N/A 277893
"System.ArgumentException: An item with the same key has already been added" error during BMR recovery when multiple DCs configured to boot using iLO N/A 282728
Dell and HP ZeroTouch settings are converted to templates on upgrade N/A 283208
Template selection and configuration usability improvements and clarification with better text N/A 297078
Recovery Manager for Active Directory 10.2
An error "Index(zero based) must be greater than" during BMR recovery on the Restore disks step N/A 218575
When processing Bare Metal Active Directory recovery for Korean Windows, it created error message in 'Run pre-recovery checks' step N/A 219702
During BMR recovery restart domain controller in normal mode hanging N/A 227232
"Collection diagnostic data" tool fails to collect data from target machine in Clean OS and BMR modes N/A 227427
Cannot bind parameter 'DomainMode' to the target error N/A 232543
DC restored with 'Restore to Clean OS' method from backup without DNS partition should not be selected as Primary DNS server RMADFE-3100 242133

 

Security

Recovery Manager for Active Directory fully supports Transport Layer Security (TLS) 1.2. It is recommended that you upgrade to TLS 1.2 for secure communications.

Security Resolved Issue ID (old) Azure DevOps
Recovery Manager for Active Directory 10.2.1
Do not use SHA1 for key derivation function to generate hash for creation of
AES-256 key for backup encryption
--- ---

 

Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating