I found this video:
It seems very intresting to us, has anyone seen any documentation about this new feature?
I could not find any.
Solved
Commvault's new Active Directory Forest-level recovery support
Best answer by Mohamed Ramadan
Hi
While the AD IDA agent in Commvault backs up individual objects, it's not ideal for full forest recovery.
https://documentation.commvault.com/2024/essential/active_directory_01.html
In case of a major disaster, you'll want to use the pre-defined "Active Directory Forest Restore" workflow to restore multiple domain controllers (DCs), including their system state data.
https://documentation.commvault.com/2023e/expert/predefined_workflow_restoring_domain_controllers_in_active_directory_forest.html
Here's what I experienced at a customer site (different approach, but with the same goal):
I used a combination of the File System IDA and AD IDA agents on the DC. This captures both file system data and AD objects.
- Install a new DC with the same OS and patches.
- Install the Commvault File System agent on the new DC.
- Use Commvault to perform a complete in-place restore, selecting "Primary" in the SYSVOL options.
- Prepare the environment for Commvault's 1-Touch Bare Metal Recovery.
- This allows you to boot from an ISO and recover the other DCs directly, skipping the steps of installing the OS, patches, and the Commvault agent.
Once the recovery is complete, you'll need to check and verify several things:
- Ensure all Active Directory services are running as expected.
- Verify if all FSMO roles are present on this new DC. If not, claim the missing roles using these resources:
https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/view-transfer-fsmo-roles
https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/transfer-or-seize-operation-master-roles-in-ad-ds - Use MMC consoles to ensure all AD services are working properly. Test functions like pinging DNS names
- Verify if you can make changes to objects in DNS and Active Directory.
Let me know if this aligns with what you were looking for! If not, please share your thoughts. I'm happy to discuss further.
Best Regards,
Mohamed Ramadan
Data Protection Specialist
+11Hi
While the AD IDA agent in Commvault backs up individual objects, it's not ideal for full forest recovery.
https://documentation.commvault.com/2024/essential/active_directory_01.html
In case of a major disaster, you'll want to use the pre-defined "Active Directory Forest Restore" workflow to restore multiple domain controllers (DCs), including their system state data.
https://documentation.commvault.com/2023e/expert/predefined_workflow_restoring_domain_controllers_in_active_directory_forest.html
Here's what I experienced at a customer site (different approach, but with the same goal):
I used a combination of the File System IDA and AD IDA agents on the DC. This captures both file system data and AD objects.
- Install a new DC with the same OS and patches.
- Install the Commvault File System agent on the new DC.
- Use Commvault to perform a complete in-place restore, selecting "Primary" in the SYSVOL options.
- Prepare the environment for Commvault's 1-Touch Bare Metal Recovery.
- This allows you to boot from an ISO and recover the other DCs directly, skipping the steps of installing the OS, patches, and the Commvault agent.
Once the recovery is complete, you'll need to check and verify several things:
- Ensure all Active Directory services are running as expected.
- Verify if all FSMO roles are present on this new DC. If not, claim the missing roles using these resources:
https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/view-transfer-fsmo-roles
https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/transfer-or-seize-operation-master-roles-in-ad-ds - Use MMC consoles to ensure all AD services are working properly. Test functions like pinging DNS names
- Verify if you can make changes to objects in DNS and Active Directory.
Let me know if this aligns with what you were looking for! If not, please share your thoughts. I'm happy to discuss further.
Best Regards,
Mohamed Ramadan
Data Protection Specialist
1 person likes this
+19- Commvault Certified Expert
- 1249 replies
Still the steps from
1 person likes this
+23- Vaulter
- 1301 replies
Correct, still to be released. There is no date as yet, but this calendar year seems unlikely from what I know.
Reply
Rich Text Editor, editor1
Editor toolbars
Press ALT 0 for help
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.