Chat now with support
Chat with Support

Recovery Manager for AD Forest Edition 10.0.1 - User Guide

Overview Backing up data
Permissions required for the Backup operation Managing Backup Agent Using a least-privileged user account to back up data Creating backups Retrying backup creation Enabling backup encryption Backing up AD LDS (ADAM) Backing up cross-domain group membership Backing up distributed file system (DFS) data Backup scheduling Setting performance options Setting advanced backup options Using Forest Recovery Agent Unpacking backups Using e-mail notification Viewing backup creation results Getting started
Permissions required to use Recovery Manager for Active Directory Recovery Manager Console Icons in the user interface Getting and using help Configuring Windows Firewall Using Computer Collections Managing Recovery Manager for Active Directory configuration Licensing
Restoring data
Getting started with Active Directory recovery Managing deleted or recycled objects Restoring backed up System State components Using granular online restore Restoring AD LDS (ADAM) Selectively restoring Active Directory object attributes Restoring objects in an application directory partition Restoring object quotas Restoring cross-domain group membership Performing a restore without having administrator privileges Reports about objects and operations Using complete offline restore Offline restore implications Restoring SYSVOL authoritatively Performing a granular restore of SYSVOL Recovering Group Policy Restoring data from third-party backups Using the Extract Wizard Restoring passwords and SID history
Fault tolerance Consolidating backup registration data Monitoring Recovery Manager for Active Directory Recovering an Active Directory forest
Permissions required to use Forest Recovery Console Forest Recovery Console Managing a recovery project Install Active Directory from Media recovery method Install Active Directory recovery method Managing Forest Recovery Agent Rebooting domain controllers manually Specifying fallback IP addresses to access a domain controller Resetting DSRM Administrator Password Purging Kerberos Tickets Managing the Global Catalog servers Managing FSMO roles Manage DNS Client Settings Configuring Windows Firewall Forest recovery overview Selectively recovering domains in a forest Recovering SYSVOL Deleting domains during recovery Resuming an interrupted forest recovery Recovering read-only domain controllers (RODCs) Checking forest health Collecting diagnostic data for technical support
Using Management Shell Creating virtual test environments Using Recovery Manager for Active Directory web interface Appendices
Frequently asked questions Best practices for creating backups for forest recovery Best practices for recovering a forest Descriptions of recovery or verification steps Backup Wizard Online Restore Wizard Online Restore Wizard for AD LDS (ADAM) Group Policy Restore Wizard Repair Wizard Extract Wizard Events generated by Recovery Manager for Active Directory

Creating virtual test environments

About Active Directory Virtual Lab

The Active Directory Virtual Lab is a component of Recovery Manager for Active Directory Forest Edition that helps you create virtual test environments from an Active Directory forest. You can use the created test environments to design and evaluate Active Directory disaster recovery scenarios, test planned Active Directory changes before deploying them to production, train your staff to perform Active Directory-related tasks, and more.

When creating virtual machines from the source computers, the Active Directory Virtual Lab uses third-party virtualization software, such as Microsoft System Center Virtual Machine Manager (SCVMM), VMware ESX, or VMware vCenter. For a full list of supported virtualization software, see the System Requirements section in the Recovery Manager for Active Directory Forest Edition Release Notes.

You can create virtual machines that maintain all the data available on the source computers, including Active Directory, installed programs, and files. To manage the created virtual test environment, you need to use the native tools provided by the virtualization software with which the Active Directory Virtual Lab created the virtual machines in the test environment.

To create a virtual test environment from an Active Directory forest, you first need to select the source computers (domain controllers or standalone servers) you want to include in the test environment, configure settings to create a virtual machine from each source computer, and then have the Active Directory Virtual Lab create the test environment for you.

For instructions on creating a virtual test environment, see How to create a virtual test environment.

Permissions

This section lists the permissions required to create a virtual test environment by using the Active Directory Virtual Lab.

Table 39: Required permissions

Task Minimum permissions
Install and use Active Directory Virtual Lab. Be a member of the local Administrators group.

Create a virtual machine from a source computer.

NOTE: This includes access to the source computer, Forest Recovery Agent installation, and virtualization agent installation.

Create a virtual test environment using Microsoft SCVMM.

Have the Delegated Administrator role on the Microsoft SCVMM server.

Be a member of the local Administrators group on the target Hyper-V host.

Create a virtual test environment using VMware vCenter/ESX.

VMware vCenter/ESX server:

  • Datastore
    • Allocate Space
    • Browse Datastore
  • Network
    • Assign Network
  • Resource
    • Assign Virtual Machine To Resource Pool
  • Profile-driven storage
    • Profile-driven storage view
      NOTE: This permission must be assigned to the vCenter Server root level.
  • Virtual Machine
    • Configuration
    • Guest Operations
    • Interaction
      • Configure CD Media
      • Device Connection
      • Power Off
      • Power On
      • VMware Tools Install
  • Inventory
  • Provisioning
    • Allow Disk Access
    • Allow Read-Only Disk Access
    • Customize
    • Modify Customization Specifications
    • Read Customization Specifications

To install Converter Standalone agent, use built-in Administrator account to connect to the source machine or disable User Access Control (UAC) on the source machine.

   

Communication ports

This section provides information about the communication ports required to create a virtual test environment with the Active Directory Virtual Lab.

In this section:

Related Documents