Create a Microsoft Azure Recovery Target for Active Directory Forest Recovery

Create a recovery target for the Microsoft Azure subscription you want to recover your domain controllers to.

Start the Add Microsoft Azure Target Wizard

1. From the Command Center navigation pane, go to Protect > Active Directory.

   The Overview page appears.

2. On the Forests tab, click the forest.

   The forest page appears.

3. On the Runbook tab, click the runbook.

   The runbook page appears.

4. On the Runbook settings tab, in the Create new domain controller VM from backup section, click View recovery targets.

   The Recovery targets dialog box appears.

5. Click Add recovery target.

   The Select target dialog box appears.

6. Select Microsoft Azure.

7. Click Select target.

   The Add Microsoft Azure target wizard appears.

General Page

1. Enter a name for the recovery target.

2. To register a new Azure subscription, beside Destination client, click the add button .

   The Add hypervisor dialog box appears.

3. Download the Active Directory Forest access node package.

4. Install the access node package on the server you want to use as your access node.

   Important access node requirements

   • The access node must be a VM in the Azure region that the domain controllers will be restored to.

   • When installing the access node package, select a drive on the server that has 10 GB or more of free hard disk space.

   • For adequate performance during restores of domain controllers, the access node must have 16 GB or more of memory.

5. Wait until the installation completes successfully.

6. In the Add hypervisor dialog box, refresh the Azure nodes list, and then select the host you installed the access node package on.

7. Enter a name for the hypervisor.

8. In Subscription, enter the ID of the Azure subscription.

9. To create an Azure app that will be used to connect to the Azure tenant, click Deploy a new application.

   The script to create a new application appears.

10. Copy the script.

11. Open an Azure Cloud Shell in the Azure subscription, copy the script to the Cloud Shell, and then run the script.

12. Copy the following values, output by the script, to a location where you can access them later:

    • Tenant ID

    • Application ID

    • Application secret

13. For Credential, click the add button .

    The Add credential dialog box appears.

14. Enter a name for the credential.

15. For Tenant ID, paste the value outputted by the script above.

16. For Application ID, paste the value outputted by the script above.

17. For Application secret, paste the value outputted by the script above.

18. Click Save.

19. Click Save in the Add hypervisor dialog box.

20. For Destination, select the Azure recovery target you created.

21. For Access node, select the server you installed the access node package on.

22. For Security, select the roles that need access to the Azure recovery target.

    Note

    You can ignore the VM display name options because they are not used.

23. Click Next.

Destination Options Page

1. For Resource group, select the resource group from the Azure subscription that recovered VMs will be associated with.

2. For Region, select the Azure region that the access node is in.

3. For Storage account, select a storage account from the Azure subscription that will host the hard disks of the recovered VMs.

4. For Virtual network, select the virtual network that the access node is in.

5. For Availability Zone, Storage type, Security group, VM size, and Create public IP, enter appropriate values or leave the default values.

6. Click Next.

Virtualize Me Options Page

1. For Server group, select a server group to associate recovered domain controllers with.

   You can specify a server group later in the runbook settings.

2. Close the Add Microsoft Azure target wizard.