Hello all! Having worked for a while with various computer systems, primarily Active Directory and Exchange, I wanted to share some of my experiences with two objectives in mind: 1) obtain feedback to improve my mastery of those systems and 2) help others working on the same subject. Other posts are about CentOS, Citrix NetScaler, and VMware.
NOTE: most of my posts are in English but some others in French, with a summary in English. However, some of the CentOS blog posts lack this summary.
Saturday, April 14, 2018
Active Directory recovery - 3rd party tools - Recovery Manager Plus - 3
In my previous blog post, I attempted to recover certain objects and was successful in 2 of 3 cases (please refer to that blog post for details). However, I was not able to recover the members of a group, probably because I was not selecting the correct backup version. In the following lines, I'll attempt the recovery operation again.
In this second attempt, I will use the "HR" group once again but with different members:
And once again, I delete the group:
The group has obviously been deleted:
In Recovery Manager Plus (RMP), I perform a backup (which takes into account recent changes), go to the Active Directory tab, and then look at the the column "Groups" where I can see that 1 group has been deleted and 4 users modified (probably a reference to the change in group membership):
I'll now do what I did last time and indicate what I think was the error. Still under the Active Directory tab, I select the "Restore" option (to the left of the screen but not shown in the screenshot below) and observe, here as well, the deleted group and the modified users. I select a backup (red dot in screenshot)...
And then click on Restore:
The restore apparently completes but the result is the same as before (and the group is not restored in Active Directory):
Now, I could recycle the group as in my previous blog post but that did not restore the group membership.
So what is the problem?
We have to make sure we select the correct backup (by date and time) and in particular NOT the backup that we initiate manually so the most recent changes are displayed. That backup takes place AFTER the group was deleted and does not allow us to restore it.
We need to select the previous backup in which the group was still "undeleted":
Note: the icon representing the group is black here and not red.
If we peform the restore now, and look at the restore details, we see an attribute name ("Members") with the restored value:
That is more promising. Better yet, if I go back into Active Directory (Users and Computers), I see that the group is restored with its 4 members:
In this blog post, I've made some more progress leaning about the third party Active Directory recovery tool "Recovery Manager Plus". We've now restored users and groups as well as attributes of these objects. In my next blog post, I'll attempt to restore a DNS zone and a Group Policy Object (GPO). While the product does allow other recovery operations (bare metal and virtual machine), I will not explore those options in this serie of blog posts.