This section describes how to perform administrative tasks in the Recovery Manager Portal. To perform these tasks, you must access the Recovery Manager Portal using the account under which you installed the portal. For more information, see Assigning roles to portal users.
In this section:
To restore Active Directory data, the Recovery Manager Portal relies on unpacked backups created by the Recovery Manager for Active Directory instances deployed in your environment. For this reason, you need to configure the Recovery Manager for Active Directory instances to create unpacked backups for the domain controllers you want. Then, configure the Recovery Manager Portal to work with those instances.
Note that the Recovery Manager Portal can only work with Recovery Manager for Active Directory version 8.6 or higher, so make sure to install or upgrade to that Recovery Manager for Active Directory version.
To configure the Recovery Manager Portal for working with Recovery Manager for Active Directory, complete the following steps:
To access a Recovery Manager for Active Directory instance, the Recovery Manager Portal requires the Recovery Manager Remote API Access service to be installed and running on the Recovery Manager for Active Directory computer. This service enables the following Recovery Manager for Active Directory features: integration with Recovery Manager Portal, RMAD console fault tolerance and support for hybrid environment.
The Recovery Manager Remote API Access service is an optional feature and you must select this component when installing Recovery Manager for Active Directory Forest Edition version 10.0. To check if this service is installed and running, you can use the Services tool (services.msc). If the service is not installed, complete the next steps to install it.
To install the Recovery Manager Remote API Access service
The Quest Recovery Manager Remote API Access service runs under the Local System account by default.
However, you can specify another service account using the Services snap-in or command line.
To change the service account using the Services snap-in
To change the service account using the command line
The table below lists the minimum user account permissions required for different tasks.
Task | Minimum permissions |
Run the service |
Have the Log on as a service permission. To grant the permission:
|
Connect to the configuration database | Have the Read and Write permissions on RMAD database folder %PROGRAMDATA%\Quest\Recovery Manager for Active Directory. |
Write the service log | Have the Read and Write permissions on the folder RMAD log. |
Invoke COM Surrogate (64-bit OS) |
Have the Local Launch and Local Activation permissions on COM server "COM Surrogate" . To grant permissions:
|
Register COM at run time | Have the Read and Write permissions for the registry keys "HKEY_CLASSES_ROOT", "HKEY_LOCAL_MACHINE\SOFTWARE\Classes" and "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes". |
Access the backups folder | Have the Read permission on the folder backups. |
Access the unpacked backups folder | Have the Modify permission on the folder unpacked backups. |
Create Scheduled Tasks when using the Replication feature in the Full mode | Have the Read permission on folder %SystemRoot%\system32\Tasks. |
Create Scheduled Tasks when using the Replication feature in the Full mode on Windows Server 2016 | Be a member of the local Administrators group. |
In this step, you need to configure the Recovery Manager for Active Directory instances for working with the Recovery Manager Portal.
To configure a Recovery Manager for Active Directory instance
This is required because the Recovery Manager Portal can only restore data from unpacked backups.
The number of retained unpacked backups determines the number of available backup states to which you can restore Active Directory objects in the Recovery Manager Portal.
© 2021 Quest Software Inc. ALL RIGHTS RESERVED. Feedback Terms of Use Privacy