Configure RecoveryManager Plus

Configuring RecoveryManager Plus with a service account

It is recommended to use an account with Domain Admin privileges to configure RecoveryManager Plus. In cases where your organization's policies restrict usage of such accounts, you can assign a user or service account with the least privileges required for RecoveryManager Plus to work properly. This account can then be used for configuring the domain settings in RecoveryManager Plus.

The following table lists the required privileges.

AD Partition Scope
Domain
  • Full control over permissions
  • Read all properties
  • Write all properties
DomainDNSZones
  • Full control over permissions
  • Read all properties
  • Write all properties
ForestDNSZones
  • Full control over permissions
  • Read all properties
  • Write all properties
Configuration
  • Full control over permissions
  • Read all properties
  • Write all properties

Please follow the steps given below to assign the privileges to a user or service account.

Provide the user account with all permissions relating to domain, DomainDNSZones, ForestDNSZones, and configuration partitions.

  1. Open ADSI Edit.
  2. Click Action → Connect to.

    configure-service-account-recovery-manager-plus

  3. In the Connection Settings dialog box that appears, provide the distinguished name of the Domain partition and click OK.

    configure-service-account-recovery-manager-plus

  4. Right-click Domain in the left-pane and click on Properties.

    configure-service-account-recovery-manager-plus

  5. In the dialog box that appears, click Advanced.

    configure-service-account-recovery-manager-plus

  6. Click Add.

    configure-service-account-recovery-manager-plus

  7. Click the link Select a principal.

    configure-service-account-recovery-manager-plus

  8. In the dialog box that appears, provide the name of the user account with which you wish to configure RecoveryManager Plus.
  9. Select Full control in Permissions.

    configure-service-account-recovery-manager-plus

  10. Scroll down and select Read all properties and Write all properties in Properties.

    configure-service-account-recovery-manager-plus

  11. Now that the user account has been provided with all permissions relating to domain partition, click Action → Settings in ADSI edit.

    configure-service-account-recovery-manager-plus

  12. Add DomainDNSZones, ForestDNSZones and configuration partitions to ADSI edit and repeat the steps to provide the account with all the required permissions.

Once the account has been provided with all the permissions, you can use this account to configure RecoveryManager Plus.

To configure RecoveryManager Plus using this account, follow the steps listed below.

  • Log in to RecoveryManager Plus as the administrator.
  • Navigate to Active Directory tab → SettingsDomain Settings.
  • Click the edit-icon icon located in the Action column.
  • Provide the username and password of the user/service account .
  • Click Save.
  • In the error message that is displayed, click the click here link.
  • In the pop-up that appears, click Ignore and Save to complete the configuration process.
Note: When you configure RecoveryManager Plus with a service account, you might encounter some issues when you back up GPOs. Follow the steps listed here for troubleshooting some frequently encountered issues.

You're one step away from insuring your AD environment against any disaster.

  Download a free trial now!  Request demo

Couldn't find the feature you wanted? Raise a feature request

A single pane of glass for Active Directory, Office 365, and Exchange Backup