Overview

Active Directory Backup and Recovery Tool

Back up all objects in your AD domains and restore them to any previous version instantly.

Download now  

The native Active Directory backup and recovery features from Microsoft are not suitable for object-level backups, and attribute-level restorations. With RecoveryManager Plus, you can backup and restore not only all AD objects but also other essential AD elements such as Schema attributes, group membership information and Exchange attributes. Additionally, recover deleted objects, and roll back entire AD to a previous point-in-time state in a few simple clicks.

What can RecoveryManager Plus backup?

Users

Back up all user objects and restore entire objects or just specific attributes to a backed-up state—also, rollback users to a particular point-in-time in the past.

 

OUs

Back up all OUs and restore them to a backed up state. Recover deleted OUs and all child OUs of the deleted OU in a single click.

 

Exchange Attributes

Track and back up each change made to mailbox enabled users, distribution groups, mail-enabled users, and mail contacts and restore them when required.

 

Groups

Back up both security and distribution groups, and restore or roll them back to a previous state.

 

Group Memberships

Back up group membership information of users and automatically restore their security and distribution group memberships when they are recovered or restored.

 

Schema attributes

Back up and restore changes made to classes and attributes in the schema partition.

Contacts

Backup all contacts in your AD domain and restore them with all attributes like group memberships and contact information intact.

 

GPOs

Back up and restore all group policy objects in your domain. Track each change made to GPOs and undo undesirable changes.

 

DNS information

Back up all DNS zones and DNS nodes of your Active Directory. Track all DNS configuration changes and back them up for easy restoration in case of disaster.

 

Computers

Back up all computer objects in your domain and restore them with all attributes like BitLocker keys and TPM Owner Information.

 

Supported versions

Windows servers 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019.

Why choose RecoveryManager Plus?

  • Object-Level Restoration: Restore entire AD objects to any of their previous versions instantly.
  • Attribute-Level Restoration: Restore individual attributes of AD objects to any of their previous values.
  • Periodic full backups: Take a full backup of your AD environment at fixed intervals to prevent the chain of incremental backups from becoming too large.
  • Incremental backups: Back up just the changes made to AD since the last backup cycle and store them as separate versions.
  • Backup Retention: Define the number of full backups to be retained and discard older full backups and all subsequent incremental backups to save storage space.
  • Rollback: Roll back your entire AD, a few OUs, or even individual objects to a previous backup point, and undo all changes made to objects after that point in time.
  • AD Recycle Bin: Restore deleted AD objects and their attributes, including their parent containers, in a single click.
  • Version Management: Maintain each backup of an object as a separate version and restore objects to any earlier version.
  • Change Management: Track all changes made to user objects and undo any specific change made to them.
  • Restart-free recovery: Recover deleted AD objects from Windows 2008, 2008 R2, 2012, 2012 R2, 2016, and 2019 servers without having to restart your domain controllers.

Active directory FAQs

  • How do I backup my AD users and computers?

    To back up AD users, computers, and any other AD object:

    1. Log in to RecoveryManager Plus as an administrator, and navigate to the Active Directory tab > Settings > Backup settings.
    2. Click the icon located in the Action column of your AD domain.
    3. Select all or specific OUs to back up by clicking on the + icon. All the objects in the selected OUs will be backed up. You can view the child OUs by expanding the parent OU node.
      Note: To back up just the contents of the parent OU and not the contents of the nested containers, select the Exclude child OU(s) option located in the lower-right corner.
    4. In the Object Types field, click the icon. In the pop-up that appears, select the objects and attributes that you wish to back up.
      Note: All custom attributes that have been created by you will be displayed, and you can add them to be backed up. If any custom attribute is missing, search for the particular attribute by clicking the Add Attributes link and providing the LDAP name of the attribute.
    5. Select the frequency at which full backups must be taken: weekly or monthly.
    6. Select the frequency at which the incremental backups must be taken: hourly, daily, or weekly.
    7. Select the Repository in which you wish to store the backups from the drop-down box.
    8. Enter the number of full backups to be held in your repository at all times in the Set Retention Period field.
      Note: When the number of full backups in your repository exceeds the retention limit, the oldest full backup and its subsequent incremental backups will be discarded. To disable backup retention, set the retention period as 0, or leave it empty.
    9. To back up GPOs using PAExec, select the Use PAExec to backup GPOs field.
    10. If you wish to force replicate all changes made to domain controllers before any backup operation is initiated, select the Force Replication option.
    11. If you wish to back up disabled user and computer objects, select the Backup disabled objects option.
    12. Click Save.
  • How do I restore my Active Directory backup?

     

    1. Log in to RecoveryManager Plus as an administrator, and navigate to the Active Directory tab > Active Directory > Restore.
    2. Select the domain that contains the object to be restored in the Domain drop-down box.
    3. Specify the approximate time period within which the object was modified in the Select Backup field, and click Search. Once the time period is specified, the number of backups taken during this period is listed. Select the backup in which the object to be restored is present.
    4. To search for any particular object from your backup, click the icon located below the Select Backup field.
      1. Type the name of the modified object in the Object Name field. If you are not sure of the name, use filters such as Contains, Starts With, Ends With, and Equals.
      2. Click on the + icon in the OUs field to select the OU in which the required object is likely to be present.
      3. In the Object Type field, select the type that fits from the pop-up that appears. To search for changes made to a particular attribute, check the box next to the attribute by which you wish to filter, and hit Save.
      4. Click Search. All objects that fit the entered criteria are displayed.
    5. You can either choose to restore a version completely by checking the box next to the object name, or selectively restore particular attribute(s) from a version. To selectively restore individual attributes, click on the number in the Number of Property Changes field corresponding to the object, and select the attributes that you would like to restore.
    6. Click Restore to complete the restoration process.
      Note: If you wish to restore the object attributes to their previous values, check the box next to Restore Previous Backup Value, and click Restore Previous Backup Value.
  • Can I back up Active Directory using RecoveryManager Plus?

    Yes. Using RecoveryManager Plus, you can back up all AD objects in your AD domains, including users, groups (distribution and security), GPOs, OUs, Exchange attributes, DNS information, computers, dynamic distribution groups, and contacts. You can restore all these objects to any of their previous states when needed.

  • Can I back up Active Directory Schema?

    You can back up all changes made to schema classes and attributes using RecoveryManager Plus, and restore them to any previous state when needed.

  • How can I back up the custom attributes that I added to my Active Directory?

    1. Log in to RecoveryManager Plus as an administrator, and navigate to the Active Directory tab > Settings > Backup settings.
    2. Click the ✎ icon located in the Action column of your AD domain.
    3. In the Object Types field, click the icon. In the pop-up that appears, all custom attributes that have been created by you will be displayed, and you can add them to be backed up. If any custom attribute is missing, search for the particular attribute by clicking the Add Attributes link and providing the LDAP name of the attribute.
    4. Click Save.
  • How often should I back up Active Directory?

    It is recommended you take a full backup of your AD at least once a month and you incrementally back up changes made to AD objects on a daily basis. RecoveryManager Plus provides multiple full backup and incremental backup frequencies for you to choose from.

  • Is Recycle Bin enabled in Active Directory?

    By default, Recycle Bin is disabled in Active Directory and has to be manually enabled. Once enabled, it cannot be disabled. RecoveryManager Plus's Recycle Bin on the other hand is built-in and is enabled right from the moment the product is installed. You do not have to enable the native Recycle Bin for RecoveryManager Plus's Recycle Bin to work.

  • What are some best practices for Active Directory backup?

    1. Make sure you have at least one domain controller backed up per domain.
    2. The most recent domain controller backup shouldn’t be older than half of the tombstone lifetime. By default, the tombstone lifetime in AD is 60 days, so you should make at least one full backup of your domain controller every 30 days.
    3. If an administrator changes the tombstone lifetime, perform a full backup immediately.
    4. Ensure that you always have a secondary copy of the backup in a different location.

Active Directory Backup and Recovery Tool

A single pane of glass for Active Directory, Office 365, and Exchange Backup