Chat now with support
Chat with Support

Welcome, Quadrotech customers to Quest Support Portal click here for for frequently asked questions regarding servicing your supported assets.

On Demand Recovery Current - User Guide

About On Demand Recovery Before You Start On Demand Recovery Console Overview Working with On Demand Recovery Backup Unpacking Restoring objects Integration with Recovery Manager for Active Directory Reporting Advanced Search How does On Demand Recovery Handle Object Attributes? What is not protected by Auzure AD Connect in a hybrid environment but can be restored by On Demand Recovery?

Hybrid connection security

FIPS 140-2 compliant TLS protocol is used for traffic encryption. HTTPS certificate is validated on our client side (Recovery Manager Portal).

Server side is Azure WCF Relay that is created and configured in Quest Azure Subscription.

Shared Access Signature (SAS) is used for authentication. A SAS token is based on an access key generated by On Demand Recovery cloud. This key is downloaded to the on-premises server with Recovery Manager Portal and used in the portal configuration to establish the Hybrid connection (from on-premises to the cloud). The SAS token is sent to the cloud and verified on each connection request. For details about Shared Access Signature algorithm, click the following link: https://docs.microsoft.com/en-us/azure/service-bus-relay/relay-authentication-and-authorization.

Reporting

On Demand Recovery includes the comparison report feature that is used to monitor and roll back changes occurred in live Azure Active Directory or Office 365 since the backup was created. The report assists you with troubleshooting and resolving problems that may result from the deletion of critical objects or parameter changes.

The report shows the following changes:

  • Creation of new users or groups
  • Changes to Azure AD B2C "local accounts", "guest accounts", and "social accounts"
  • Changes to object attributes, including licenses
  • Group membership and manager property changes (DirectoryLinkChange object type)
  • Changes to service principal objects: deletion of a service principal, add/remove roles (custom roles are not monitored), changes to the accountEnabled property
  • Objects moved to the Recycle Bin
  • Permanently deleted objects
  • When deleting a group, all links that were affected by this action are shown in the Differences report, such as Azure AD group membership, SharePoint groups membership, conditional access policies, group owners, and application assignments.

Note: Restore of group membership from the Difference report is not supported for hybrid environments. Use the Objects view, to restore the 'member' or 'memberOf' attributes of an object.

To view and roll back changes in Azure Active Directory or Office 365

Note: Objects added to the directory after the backup was created cannot be deleted using the Restore option in the comparison report. This option removes only membership information for the selected object and logs an event.

  1. Create a backup of your directory.
  2. Change any object attributes in your live Azure Active Directory or Office 365.
  3. Unpack the backup to compare with the current version of your directory. For that, click Unpack backup on the Dashboard view. In the Backup Unpacking dialog, click Browse and select the backup.
  4. After the backup is unpacked, go to the Differences view.
  5. To refine the data, use the Search field or facets on the left side of the screen.
    For more information about the search syntax, see Advanced search.
  6. Select the changes you want to roll back and click Restore.
  7. To update the report data, use the Refresh option.
  8. The Export feature allows you to export the selected report data to the CSV format. Note that the CSV file contains internal column names, for example: the Attribute column in the Difference report has the "changedAttribute" internal name. You can use internal column names to create search queries. For more information, refer to Advanced search.

Advanced Search

You can use words, symbols, and query strings in your search to make your search results more precise.

Consider the following:

  • It is recommended to add an asterisk to the end of your search term. The asterisk will replace a character in your search string to indicate that any number of characters can be substituted in place of the asterisk.
  • Do not put spaces between the symbol or word. For example, a search for changedAttribute:link* will work, but will not work for changedAttribute: link*
  • Press Enter to get the search results.
  • Keywords are not case-sensitive.
  • You can export selected search results to the CSV file.

Using operators in keyword queries

You can use special punctuation marks to refine your search.

Table 4: Operators that can be used in keyword queries

To search for Operator Example Result
Specify part of a word * serv* Include terms beginning with "serv".
Exclude specified content - -mail* Excludes content with values that match the exclusion.
Exclude specified content NOT
(case-sensitive)
NOT mail* Excludes content with values that match the exclusion
Include specified content + +mail* Includes content with values that match the inclusion.
Multiple keywords space mail user Returns content that includes either 'mail' or 'user'.
Multiple keywords OR
(case-sensitive)
mail OR user Returns content that includes either 'mail' or 'user'.
Multiple keywords AND
(case-sensitive)
mail AND user Returns content that includes both these keywords.
Exact phrase Quotation marks "Object hard deleted" Finds items that contain the exact phrase "Object hard deleted".

Note: Asterisk matches zero or more non-space characters.

Related Documents