The Active Directory guided setup guides you through creating a server plan and adding the Active Directory application.
Before You Begin
-
To back up Active Directory the user account configured in Active Directory connection settings must have the following permissions:
-
The account requires Read permissions to the Active Directory domain to backup users, groups, OUs, and other AD objects. Members of the Domain Users group have this permission by default. The account requires Read permissions to these additional objects which require higher privilege access:
-
DomainDNSZone
-
ForestDNSZone
-
Configuration/Sites
-
IP Security
-
Keys
-
NTDS Quotas
-
-
To restore Active Directory objects the user account configured in Active Directory connection settings must have the following permissions:
-
The account requires Read, Change, and Create Child Objects permissions in Active Directory. By default, members of the Domain Admins, Enterprise Admins, and Administrators group have the required permissions.
-
-
To complete the guided setup for Active Directory, you will need the following server information:
-
The host name
-
The credentials that you use to access the Active Directory server
-
Go to the Active Directory Guided Setup
-
From the navigation pane, go to Guided setup.
The Welcome page appears.
-
On the Protect tab, at the bottom of the page, click More.
-
Click the Active Directory tile.
The Active Directory setup page appears.
Create a Server Plan That You Can Use for Active Directory
If you already have a server plan that you can use, you can skip this step.
-
On the Create server backup plan page, click Create a new plan, and then specify the settings for a server plan that you can use for Active Directory.
-
Settings
Steps
Plan name
-
Fill in the following plan information:
-
Choose whether to create a new plan or use a base plan.
-
If you selected Create a new plan, in the Plan name, enter a name for the server plan.
-
If you selected Use existing base plan, specify the plan name and select a base plan.
-
Backup destinations
-
Click Add copy.
The Add copy dialog box appears.
-
In Name, enter a name for the backup destination.
-
From the Storage list, select the storage to use for the backups.
You can use the Air Gap Protect cool storage class for creating secondary copies, but not for creating primary copies.
-
To specify the start time for backups on a specific date and later, move the Backups On and After toggle key to the right.
-
For Retention rules, enter the amount of time to retain the backups.
-
To specify additional backups, such as weekly full backups, move the Extended retention rules toggle key to the right, and then add rules.
-
Click Save.
-
To add additional regions to the backup destination, move the Multi-region toggle key to the right, and then select the regions.
You can also add more regions and associate the storage copy to the region.
RPO
-
For Backup frequency, click Add.
The Add backup frequency dialog box appears.
-
From the Backup type list, select the backup type, and from the for list, select All agents or Databases.
-
Specify the frequency of the backup.
-
To specify the client time zone, full backup database frequency, or to add exceptions, move the Advanced toggle key to the right, and do the following:
-
From the time zone list, select the time zone according to which the backups must run.
-
If you select incremental or differential backup type for all agents or databases, to modify the full backup frequency of the database, specify a value for Run full backup on databases every option.
-
To add exceptions when the backups must not run, click Exceptions, and then add exceptions for any day of a month or week or schedule an exception for any week of the month.
Exceptions repeat every week or month according to the selected exception.
-
-
-
To modify the transaction log frequency, or enable disk cache for log backups, in the Run transaction log for databases field, click Edit .
-
For Transaction log, specify how often to run log backups.
-
To automatically back up the database logs to the MediaAgent cache, move the Advance toggle button to the right and do the following:
-
Move the Use disk cache for log backups toggle key to the right.
-
For Commit every, enter how often to commit the logs to the CommServe computer.
Disk caching of database logs applies to the following databases: Informix, Microsoft SQL Server on Windows, Oracle, Oracle RAC, and SAP HANA
Note
The database schedules are available only if the server plan is applicable to database solution and only one transaction log schedule can be added to that specific plan.
-
-
-
For Backup window (if incremental and differential backups are supported for the workload), specify when you want incremental and differential backups to run.
-
For Full backup window, specify when you want full backups to run.
Folders to back up
-
To back up only some content, in Content to back up, enter the content to back up.
By default, all content is backed up.
-
To exclude folders or files from the backup, in Exclude - files/folders/patterns, enter the content to exclude.
-
Specify whether to include the system state in backups:
-
To include the system state in all backups, move the Back up system state toggle key to the right.
-
To include the system state only in full backups, select the Back up system state check box and the Only with full backup check box.
-
To use Windows Server's VSS (Volume Shadow Copy Service) to back up the system state, select the Use VSS for system state check box.
-
Snapshot options
-
Under Snapshot options, do the following:
-
Specify how to retain snapshots:
-
To specify a number of jobs to retain on a snapshot copy, select Number of snap recovery points, and then enter the number of jobs to retain.
-
To specify a retention period, select Retention period, and then enter the amount of time to retain the jobs.
-
-
If you don't want to create backup copies, move the Enable backup copy toggle key to the left to turn it off.
-
For Backup copy frequency, enter how often to run backup copy jobs.
-
Override restrictions
-
Under Override restrictions, to allow the derived plans that use this server plan as the base plan to override the settings, move the Allow plan to be overridden toggle key to the right, and then select one of the following options for Storage pool, RPO, and Backup content:
-
Override required: Plans derived from this base plan do not inherit the base plan values.
-
Override optional: Plans derived from this base plan can either inherit the base plan values or have different values.
-
Override not allowed: Plans derived from this base plan must inherit the base plan values.
-
-
-
Click Save.
Add the Active Directory App
-
On the Add an Active Directory page, enter the following information:
-
Host name: Enter a fully qualified hostname or IP address for the Active Directory computer. You can enter more than one host name at a time.
-
Username and Password: Enter the user credentials to provide administrative access to the Active Directory computer.
The administrator must have the following permissions for performing a backup and restore operation:
-
Be a member of the Domain Administrator Group.
-
Be able to access the Active Directory deleted object container or the tombstone.
-
At the minimum have Read, Change and Create Child Objects permissions in the Active Directory domain.
Each domain must have an Active Directory agent installed, to protect individual domains. You can install the Active directory agent on any domain controller within the same domain.
Note
You can still use an account that is not in the domain to perform backups. The account must have Read, Change and Create Child Objects permissions in the Active Directory domain. However, DNS Zones are not backed up using that account. Regular domain user will not backup the following sections in Active Diretory:
-
DomainDNSZone
-
ForestDNSZone
-
Configuration/Sites
-
IP Security
-
Keys
-
NTDS Quotas
-
-
-
Select a Plan: Select a server plan.
-
-
Click Save.