Brought to you by:
Enterprise Strategy Group | Getting to the Bigger Truth™
By Jack Poller, Senior Analyst; and Eve Falk, Associate Validation Analyst
NOVEMBER 2021
What we found. AD is a mission-critical component of the IT infrastructure. When AD fails, whether from ransomware, cyberattacks, or catastrophes, the IT environment comes to a grinding halt, which means the entire organization stops working until AD is restored.
Quest RMADDRE automates the manual Active Directory recovery process documented in Microsoft’s Active Directory Forest Recovery Guide. This onerous, error-prone, and lengthy manual process includes 18 major steps (each with many minor steps) that must be coordinated and synchronized across the entire suite of DCs being recovered. Automating the manual process significantly reduces the opportunity for manual errors.
Quest RMADDRE runs operations in parallel and synchronizes steps as necessary. This significantly accelerates the process and reduces the time to recover from an AD failure. Quest offers a wide variety of backup and recovery options, providing flexibility, speed, efficiency, and risk reduction for both backup and recovery operations.
Using RMADDRE can reduce risk, as the solution can scan backups for malware. In addition, RMADDRE can back up just the Windows components necessary to recover AD to a system with a clean install of Windows Server. This avoids backing up and restoring malware hiding in boot sectors, temporary directories, or system directories, and results in smaller, faster backups.
With Quest Recovery Manager, organizations can further accelerate the recovery process by first recovering the bare minimum number of DCs needed for proper operations. Once AD is operational, the teams responsible for recovering business applications, databases, and files can begin their recovery operations while the AD recovery team works in parallel to increase AD forest performance and capacity.
1. Verify network connectivity and DNS.
2. Reset the DC computer account passwords.
3. Raise the RID pool, invalidating any published RIDs.
4. Seize FSMO roles for the root domain.
5. Seize FSMO roles for all other domains.
6. Clean up the metadata of other DCs.
7. Reset the KRBTGT account password.
8. Reset internal Trust passwords.
9. Validate SYSVOL share is available.
10. Add the Global Catalog.
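
As an added example (not from the ESG report or from Quest), these read-only PowerShell checks confirm the outcome of steps 1, 2, 4, 5, 7, 9 and 10 on a recovered DC. It assumes the script runs on the first DC recovered in each domain, which therefore holds the seized roles, and that `$MaxAgeHours` (a name chosen here) bounds the recovery window; steps 3, 6 and 8 need a pre-incident baseline and are not checked.

```powershell
# Added example: read-only checks, run on the first DC recovered in each domain.
# Needs the ActiveDirectory, DnsClient and SmbShare modules.
# $MaxAgeHours is an assumed window for "reset during this recovery".
param([int]$MaxAgeHours = 24)

Import-Module ActiveDirectory
$dc      = Get-ADDomainController -Identity $env:COMPUTERNAME
$domain  = Get-ADDomain -Identity $dc.Domain
$forest  = Get-ADForest -Identity $dc.Forest
$cutoff  = (Get-Date).AddHours(-$MaxAgeHours)
$results = [System.Collections.Generic.List[object]]::new()

function Add-Check([string]$Step, [string]$Check, [bool]$Pass, [string]$Detail) {
    $results.Add([pscustomobject]@{ Step = $Step; Check = $Check; Pass = $Pass; Detail = $Detail })
}

# Step 1: the DC locator SRV record for the domain must point at this DC.
$srv = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$($domain.DNSRoot)" -Type SRV -ErrorAction SilentlyContinue
Add-Check '1' 'DNS SRV record lists this DC' ($srv.NameTarget -contains $dc.HostName) ($srv.NameTarget -join ', ')

# Step 2: the DC's own computer account password was reset inside the window.
$acct = Get-ADComputer -Identity $dc.Name -Properties PasswordLastSet
Add-Check '2' 'DC computer account password reset' ($acct.PasswordLastSet -gt $cutoff) "$($acct.PasswordLastSet)"

# Steps 4-5: domain roles must be on this DC; forest roles too if this is the root domain.
$roles = [ordered]@{ PDCEmulator = $domain.PDCEmulator; RIDMaster = $domain.RIDMaster
                     InfrastructureMaster = $domain.InfrastructureMaster }
if ($domain.DNSRoot -eq $forest.RootDomain) {
    $roles.SchemaMaster       = $forest.SchemaMaster
    $roles.DomainNamingMaster = $forest.DomainNamingMaster
}
foreach ($r in $roles.GetEnumerator()) {
    Add-Check '4-5' "FSMO $($r.Key) held by this DC" ($r.Value -eq $dc.HostName) $r.Value
}

# Step 7: KRBTGT password was reset inside the window.
$krbtgt = Get-ADUser -Identity krbtgt -Properties PasswordLastSet
Add-Check '7' 'KRBTGT password reset' ($krbtgt.PasswordLastSet -gt $cutoff) "$($krbtgt.PasswordLastSet)"

# Step 9: SYSVOL is shared. Step 10: this DC is a Global Catalog.
$sysvol = Get-SmbShare -Name SYSVOL -ErrorAction SilentlyContinue
Add-Check '9' 'SYSVOL share available' ($null -ne $sysvol) "$($sysvol.Path)"
Add-Check '10' 'Global Catalog enabled' $dc.IsGlobalCatalog ''

$results | Format-Table -AutoSize
if ($results.Pass -contains $false) { exit 1 }   # non-zero exit if any check failed
```
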
This ESG Technical Review was commissioned by Quest and is distributed under license from ESG.
All trademark names are property of their respective companies. Information contained in this publication has been obtained by sources The Enterprise Strategy Group (ESG) considers to be reliable but is not warranted by ESG. This publication may contain opinions of ESG, which are subject to change from time to time. This publication is copyrighted by The Enterprise Strategy Group, Inc. Any reproduction or redistribution of this publication, in whole or in part, whether in hard-copy format, electronically, or otherwise to persons not authorized to receive it, without the express consent of The Enterprise Strategy Group, Inc., is in violation of U.S. copyright law and will be subject to an action for civil damages and, if applicable, criminal prosecution. Should you have any questions, please contact ESG Client Relations at 508.482.0188.
Enterprise Strategy Group is an IT analyst, research, validation, and strategy firm that provides market intelligence and actionable insight to the global IT community.