Configure RecoveryManager Plus

Configuring RecoveryManager Plus with a service account

It is recommended to use an account with Domain Admin privileges to configure RecoveryManager Plus. In cases where your organization's policies restrict usage of such accounts, you can assign a user or service account with the least privileges required for RecoveryManager Plus to work properly. This account can then be used for configuring the domain settings in RecoveryManager Plus.

The following table lists the required privileges.

AD Partition Scope
DomainDNSZones
  • Full control over permissions
  • Read all properties
  • Write all properties
ForestDNSZones
  • Full control over permissions
  • Read all properties
  • Write all properties
Configuration
  • Full control over permissions
  • Read all properties
  • Write all properties

Please follow the steps given below to assign the privileges to a user or service account.

Step 1: Delegate control of a domain to a user.

  1. Open Active Directory Users and Computers.
  2. Right-click the domain name in the left-tree and click Delegate Control.

    configure-service-account-recovery-manager-plus

  3. Select the user account with which you wish to configure RecoveryManager Plus and click Next.

    configure-service-account-recovery-manager-plus

  4. Delegate all the common tasks and click Next.

    configure-service-account-recovery-manager-plus

  5. You can now close the wizard and continue with the next step.

Step 2: Provide the user account with all permissions relating to DomainDNSZones, ForestDNSZones, and configuration partitions.

  1. Open ADSI Edit.
  2. Click Action → Connect to.

    configure-service-account-recovery-manager-plus

  3. In the Connection Settings dialog box that appears, provide the distinguished name of the DomainDNSZones partition and click OK.

    configure-service-account-recovery-manager-plus

  4. Right-click DomainDNSZone in the left-pane and click on Properties.

    configure-service-account-recovery-manager-plus

  5. In the dialog box that appears, click Advanced.

    configure-service-account-recovery-manager-plus

  6. Click Add.

    configure-service-account-recovery-manager-plus

  7. Click the link Select a principal.

    configure-service-account-recovery-manager-plus

  8. In the dialog box that appears, provide the name of the user account with which you wish to configure RecoveryManager Plus.
  9. Select Full control in Permissions.

    configure-service-account-recovery-manager-plus

  10. Scroll down and select Read all properties and Write all properties in Properties.

    configure-service-account-recovery-manager-plus

  11. Now that the user account has been provided with all permissions relating to DomainDNSZones, click Action → Settings in ADSI edit.

    configure-service-account-recovery-manager-plus

  12. Add ForestDNSZones and configuration partitions to ADSI edit and repeat the steps to provide the account with all the required permissions.

Once the account has been provided with all the permissions, you can use this account to configure RecoveryManager Plus.

To configure RecoveryManager Plus using this account, follow the steps listed below.

  • Log in to RecoveryManager Plus as the administrator.
  • Navigate to Active Directory tab → SettingsDomain Settings.
  • Click the edit-icon icon located in the Action column.
  • Provide the username and password of the user/service account .
  • Click Save.
  • In the error message that is displayed, click the click here link.
  • In the pop-up that appears, click Ignore and Save to complete the configuration process.

You're one step away from insuring your AD environment against any disaster.

  Download a free trial now!  Request demo

Couldn't find the feature you wanted? Raise a feature request

A single pane of glass for Active Directory and Exchange Backup