Active Directory
Rubrik introduces the AD Object Recovery Tool
The AD Object Recovery Tool helps organizations ensure that their environment is up and running as soon as possible after losing valuable Active Directory data.
There can be many reasons for objects to disappear from the Active Directory environment. Was it a malicious script? Was it a working script that just contained bad logic? Or maybe employees were distracted and did it themselves? All of these scenarios occur in practice, including the unwanted modification or deletion of an Active Directory user or computer. Traditionally, performing authoritative restores was the method of bringing the object back into the realm of Active Directory.
The classic recovery scenario is quite complex, manual and time-consuming. This wastes both time and resources, while affecting end-users ‘ access to critical business resources.
Rubrik now offers a solution for this with the new Rubrik Active Directory (AD) Object Recovery Tool . It provides the ability to reset or restore these unwanted changes at the object level. This is critical to prevent productivity disruptions and ensure access to critical business resources. This means that instead of restoring a complete image-level backup of the Active Directory domain, you only extract the objects you want to restore. These include users, computers, and even such granular as individual attributes on the objects themselves. As befits Rubrik, simplicity and ease of use were the top priorities in the development of Rubrik AD Object Recovery Tool.
Granular Active Directory Recovery with Rubrik AD Object Recovery Tool
After downloading and installing the Rubrik AD Object Recovery Tool, the configuration process is controlled by a wizard. Users simply enter the FQDN / IP and the access data for the Cluster section and select a domain controller from the list of VMs, using the search function to quickly narrow down the selection.
The tool then ensures that an Active Directory database exists on the system, after which the user selects the desired database and point-in-time recovery. Next, the database is extracted to the desired recovery path (a local folder) for processing and mounting.
After importing, a screen similar to the Active Directory Users and Computers snap-in appears. Users can manually scroll through the Active Directory hierarchy and filter by name, type, or description, or simply search for the object they are looking for. Rubrik analyzes and detects all differences between the selected point-in-time database and the current configuration in the Active Directory domain of production. Any discrepancies between the two can be quickly identified by the tombstone icon next to the object. In the example below, it can be seen that the user ttoffoli has been deleted from the Active Directory, but still exists in the selected restore point.
Double-clicking any object displays a list of its Active Directory attributes. Again, inconsistencies at the attribute level are easy to see because they are highlighted in red. As can be seen below, the telephoneNumber attribute of the user pbyron has been changed.
Recovering a deleted object is as simple as right-clicking and selecting the desired recovery option, whether it is exporting to an LDIF file for manual import or directly restoring it back to the Active Directory domain of production.
Mass recovery of several objects is processed simultaneously by adding them to the” basket”, and then processing the basket as a whole.
The Rubrik AD Object Recovery Tool provides a quick and efficient way to restore individual Active Directory objects to their original location or export them to an LDIF file to import them to a new domain. By going through a simple guided assistant, organizations are able to use the tool to ensure that their environment is up and running again as quickly as possible, while minimizing the impact on business operations and minimizing the loss of productivity.
