Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Backup and Recovery Community Blog

Microsoft Active Directory Data Protection

Created: 03 Jul 2009
GFK's picture
0 0 Votes
Login to vote

I know I keep banging on about this but it really does bother me that we are not adequately protecting Active Directory (AD) as the primary directory service in Windows. Microsoft Exchange, SQL, and SharePoint all depend on efficient backup and quick recovery of AD. So if you have any of these business applications you should be thinking about how you backup, and more to the point, restore AD. We all know that AD data has a bad habit of corruption which can have a disastrous affect across the Windows environment.

AD objects can get modified or deleted by mistake, faulty scripts accidentally overwrite key AD attributes. Since it is a replicated database an accidentally deleted user account can result in a lengthy process while someone struggles to recover the AD environment. Ultimately, we can end up at the mercy of AD. Anyone who has ever had to recover AD understands the frustration and time involved with what should be a basic recovery process – but isn’t.

Enter the BE Agent for AD

Symantec Backup Exec 12.5 Agent for Microsoft Active Directory is designed to overcome these recovery limitations. It can dramatically reduce the time to recover, leveraging Granular Recovery Technology (GRT) which give you the ability to restore individual AD items, while Active Directory is online, including:

* Individual User Accounts
* Organizational Units (OU’s)
* Printer Objects
* Even Individual AD attributes and values including names, addresses, phone numbers, email addresses, etc. all from a fast single-pass database level backup of Active Directory.

Key Benefits of Backup Exec 12.5 Agent for Microsoft Active Directory

* Centralised System State and Active Directory protection
* Online, granular recovery of individual Active Directory objects
* Point and Click restores
* Restore objects without rebooting AD Domain Controllers
* Single Pass Backups for complete AD or object level recovery from single backup

The embedded Granular Restore Technology gives you the ability to restore individual AD objects down to the individual attribute level without restoring the entire AD. Single-Pass Backup with GRT Eliminate separate slow individual object level AD backups forever. Complete data protection requires only one backup job saving space on vital disk and/or tape media and ensure each backup completes quickly.

* Online AD Recovery (no reboots required)
* Recover important Active Directory information while Active Directory is online
* Completely Automated Object Recovery
* Ensure deleted AD objects to be recovered with their original IDs and correct links to other Active Directory objects, eliminating the need to re-create the IDs and broken links
* Disk to Disk or Disk to Tape Backup and Recovery
* Flexible backup and recovery capabilities allow for backup to disk for fast recovery or backup to tape for long-term storage

So anyone who is running Exchange, SQL, or SharePoint would quite naturally have the BE application or database agent as appropriate. In which case it makes absolute sense that you would also have the Agent for AD … wouldn’t it?