Chat now with support
Chat with Support

Disaster Recovery for Identity Current - for Active Directory Release Notes

Release Notes

Quest® Disaster Recovery for Identity for Active Directory

Release Notes

March 26, 2025

Disaster Recovery for Identity for Active Directory offers off-network abilities to manage on-premises domain controllers, including Active Directory® backups and restore operations, in the case of a disaster. It is essential for any modern business have uninterrupted network and computer systems, which are essential for business continuity. Unforeseen outages, like directory service failures, can significantly disrupt operations. To mitigate such risks, critical infrastructure must be designed for swift recovery from failures.

 

Disaster Recovery for Identity for Active Directory leverages advanced technologies to minimize downtime resulting from Active Directory corruption or accidental modifications. This solution automates backups and enables rapid, remote recovery of data stores in Active Directory. Disaster Recovery for Identity for Active Directory dramatically reduces the time required to restore Active Directory.

Disaster Recovery for Identity for Active Directory allows you to perform the following operations:

  • Configure and manage backups using Backup Plans.
  • Store Active Directory backups in Quest Azure tenant.
  • Configure and manage recovery of an Active Directory forest.
  • Restore Active Directory using Clean OS method, allowing you to restore the entire forest or any of its parts on a freshly installed Windows machine.
  • Schedule backup of domain controllers based on business needs
  • Verify recovery configurations to validate your disaster Recovery Plan

These release notes provide information about Disaster Recovery for Identity for Active Directory deployments.

 

Topics:

Release History

The following lists the new features and resolved issues by deployment.

Current Deployment

Release: March 26, 2025

Feature Issue ID (ADO)
Improvements to services to support stateless allowing for deployment and updates to Disaster Recovery for Identity for Active Directory to be completed without stopping ongoing backup, verification and recovery operations. ADO-520301
Updates to Environment tile to improve user onboarding and product understanding, including removal of DC Agent section from tile and updates to About Agents. ADO-524845
OWASP ASVS V5.5, V5.19, V5.20, V5.21, V18.4: Enhanced server validation of inputs ADO-525649
Deployment to Australian and Canadian regions. Disaster Recovery for Identity for Active Directory now supports the following regions: Australia, Canada, EU, UK and US. ADO-530535
Show notification when verification or recovery is running and hybrid agent goes offline. ADO-535753
Domain controller agent updated to version 10.3.2.44484. ADO-544324

Previous Deployments

Release: March 13, 2025

Feature Issue ID (ADO)
Limit domain controllers that can be backed up by domain. Limit domain controllers that can be backed up by Backup Plans per domain. A maximum of 10 domain controllers per domain can be included in Backup Plans. ADO-523055
Display Total Elapsed Time on Tasks. ADO-531124
Compatibility with Recovery Manager for Active Directory Forest/Disaster Recovery Edition (RMAD FE/DRE): Domain controller agent version checking for installation of DRI AD and RMAD FE/DRE in the same Active Directory environment. RMAD FE/DRE 10.3.2 or later is required. It is recommended to install the DRI AD hybrid agent on the same machine as RMAD Forest Recovery Console. ADO-540986
New detail panel RMAD Compatibility to view guidance information for usage of DRI for AD and RMAD in the same Active Directory environment. ADO-541695
Proper handling of ODRAD and RMAD communication certificates and error messages when mismatches are found. (Certificate Handling between Blob Storage and Plugin). Information available by clicking on RMAD Compatibility on the Environment tab. ADO-546318

Release: March 04, 2025

Feature Issue ID (ADO)
Add clarification about DC agent and hybrid agent on the Create/Edit Environment page ADO-524870
Backup name format in Selected Backup dropdown is the same as on Backups list ADO-532002
"Hybrid agent is offline or unavailable" notification should disappear ADO-546318

Release: February 12, 2025

Feature Issue ID (ADO)
Support of 'Install Active Directory' method' ADO-379572
Display time of the last discovery on the Topology tab ADO-504703
Ability to see when the hybrid agent is offline ADO-517362
Download DC Agent from the Topology tab ADO-526146
Display the total elapsed time from the Tasks tab ADO-531124
Increase retention period for backups to 180 days ADO-535313

Release: January 10, 2025

Feature Issue ID (ADO)
First deployment of Disaster Recovery for Identity for Active Directory N/A

Incident response management

Quest Operations and Quest Support have procedures in place to monitor the health of the system and ensure any degradation of the service is promptly identified and resolved. On Demand relies on Azure and AWS infrastructure and as such, is subject to the possible disruption of these services.

You can view the following status pages:

System requirements

The following web browsers are supported with On Demand:

  • Microsoft Edge
  • Google Chrome (latest version)
  • Mozilla Firefox (latest version)

 

Hybrid agent requirements

  • A standalone or domain-joined server (standalone server is highly recommended).
  • Ensure that the hybrid agent server has a stable internet connection and uses a DNS server that is not affected by a forest failure.
  • A service account used to run the hybrid agent must be a local administrator account on the computer where the hybrid agent is installed.
  • The domain FQDN\username should at least have forest-wide read permissions.

 

Domain Controller Agent requirements

  • A service account used to run the domain controller agent is always a Local System account.
  • An account used to install the domain controller agent remotely must be a member of the Local Administrators group.
  • The minimum supported version for the domain controller agent is 10.3.2.44484.

 

Endpoint requirements

 

Hybrid agent requirements

The hybrid agent must be able to access the following endpoints associated with the region where your On Demand organization resides.

TCP Port Direction Endpoints Description
389

Outbound

Domain Controllers

 LDAP port to domain controllers to discover environment.
445 Outbound Domain Controllers SMB port to domain controllers to install domain controller agents.
443 Outbound

AU

odjrs-auprod-au-iothub.azure-devices.net

https://odjrsauprodaugrssto.blob.core.windows.net

https://odrjsauprodausto.blob.core.windows.net

 

CA

odjrs-caprod-ca-iothub.azure-devices.net

https://odjrscaprodcagrssto.blob.core.windows.net

https://odrjscaprodcasto.blob.core.windows.net

 

EU

odjrs-euprod-eu-iothub.azure-devices.net

https://odjrseuprodeugrssto.blob.core.windows.net

https://odjrseuprodeusto.blob.core.windows.net

 

UK

odjrs-ukprod-uk-iothub.azure-devices.net

https://odjrsukprodukgrssto.blob.core.windows.net

https://odjrsukproduksto.blob.core.windows.net

 

US

odjrs-usprod-us-iothub.azure-devices.net

https://odjrsusprodusgrssto.blob.core.windows.net

https://odjrsusprodussto.blob.core.windows.net

 Agent connection to Disaster Recovery for Identity for Active Directory backend services (see On Demand Global Settings User Guide for more)
80 Outbound

AU

odjrsauprodauiotinst-odjrsauprodauiotacct.b.nlu.dl.adu.microsoft.com

 

CA

odjrscaprodcaiotinst-odjrscaprodcaiotacct.b.nlu.dl.adu.microsoft.com

 

EU

odjrseuprodeuiotinst--odjrseuprodeuiotacct.b.nlu.dl.adu.microsoft.com

 

UK

odjrsukprodukiotinst--odjrsukprodukiotacct.b.nlu.dl.adu.microsoft.com

 

US

odjrsusprodusiotinst--odjrsusprodusiotacct.b.nlu.dl.adu.microsoft.com

 Agent connection to Disaster Recovery for Identity for Active Directory backend services (see On Demand Global Settings User Guide for more)

 

Domain controller agent requirements

The domain controller agent must be able to access the following endpoints associated with the region where your On Demand organization resides.

TCP Port Direction Endpoints Description
445

Inbound

 

 SMB port to allow automatic agent installation.
135 Inbound   RPC Endpoint Mapper port used by the RPC runtime.
49152-65535 Inbound

 

 RPC dynamic port range to accept RPC connection from hybrid agent.
443 or proxy server port Outbound

AU

https://odradprodausa.blob.core.windows.net

 

CA

https://odradprodcasa.blob.core.windows.net

 

EU

https://odradprodeusa.blob.core.windows.net

 

UK

https://odradproduksa.blob.core.windows.net

 

US

https://odradprodussa.blob.core.windows.net

 Download and upload backups from Azure Blob Storage accounts.
Self Service Tools
Knowledge Base
Notifications & Alerts
Product Support
Software Downloads
Technical Documentation
User Forums
Video Tutorials
RSS Feed
Contact Us
Licensing Assistance
Technical Support
View All
Related Documents
Disaster Recovery for Identity - Current
for Active Directory Release Notes
for Active Directory Security Guide
for Active Directory User Guide
Release Notes
Security Guide
User Guide
Showing 1 to 6 of 6 rows

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating