Forest Recovery

Active Directory forest recovery

Technology analysts at Gartner classify Microsoft Active Directory (AD) as a tier 0 service, implying that it is a critical infrastructure that has to be available at all times. Organizations use AD to manage user accounts and enforce security policies, and any faults or downtime have a significant impact on business productivity. When AD does not perform as intended, users might be unable to access key resources, such as printers, or even log in to their computers.

If no immediate action is taken to restore your AD forest when all domain controllers fail, it can affect your business for days on end.

Keep your business running smoothly by implementing RecoveryManager Plus. Use RecoveryManager Plus to rebuild your entire AD forest quickly and easily in the event of AD failure.

Using RecoveryManager Plus to back up your AD forest

Active Directory forests have at least one domain and domain tree in a contiguous namespace, linked in a transitive trust hierarchy. Each domain has one or more domain controllers.

With RecoveryManager Plus, you can back up all aspects of a domain controller such as the system state, the data in system partitions, and the AD database. In case of any disasters or mishaps, this will allow you to restore your domain controllers to the last working state.

To recover your AD forest when all the domain controllers in a forest fail, it is necessary to have at least one domain controller per domain backed up. It is also considered best practice to back up domain controllers that are assigned Flexible Single Master Operation (FSMO) roles. Microsoft recommends performing at least two backups within the tombstone lifetime.

Use RecoveryManager Plus to periodically back up all your domain controllers and to save incremental changes to domain controllers between backups. These incremental backups ensure that you always have a recent copy of your AD with all of the changes included.

Using RecoveryManager Plus to back up your AD forest

Restoring your AD forest

Performing an authoritative restoration of the domain controller with the latest backup available is the quickest way to get your AD forest up and running.

You can restore one domain controller per domain using the RecoveryManager Plus restoration wizard. The restoration wizard will restore your AD to the state of the most recent full backup. Once the restoration of the full backup is complete, use RecoveryManager Plus to restore the incremental backups of the domain controller as well.

Benefits of RecoveryManager Plus

Incremental backups

Maintain a copy of the latest version of your AD with RecoveryManager Plus’s incremental backups. By only backing up changes to AD since the last full backup, incremental backups save time and storage space while ensuring all your AD data is recoverable.

Backup retention

RecoveryManager Plus gives you the flexibility to configure a backup retention period, which also defines the number of full backups that will be stored. When the total number of full backups exceeds the configured value, the oldest full backup is discarded.

Custom backup scheduler

Choose when you'd like to fully and incrementally back up your AD forest. Typically, it is considered best practice to fully back up your domain controllers at least once every month, and incrementally back up changes on a daily basis.

Compress backups

Use less storage space by compressing backups to a quarter of their original size.

Support for multiple Windows servers

RecoveryManager Plus can back up domain controllers running on Windows Server 2008, 2008 R2, 2012, 2012 R2 and 2016.

A single pane of glass for Active Directory and Virtual Environment Backup