Quest is the market leader in hybrid Active Directory (AD) security, recovery, migration and modernization, empowering 130,000 customers with unrivaled cyber resilience solutions. Only with Quest do you get:
By downloading, you are registering to receive marketing email from us. To opt-out, follow steps described in our Privacy Policy.
reCAPTCHA protects this site. See Google's Privacy Policy and Terms of Use.
You won’t find this platform coverage anywhere else. The numbers don’t lie about our experience and leadership. There are a lot of point solutions out there that claim a lot of things, but Quest is the only single-vendor provider that delivers comprehensive solutions for:
Quest is extremely mindful of the increased attacks on supply chains and takes great lengths to protect it, with mature supply chain risk management practices and an airgap-secured assembly process that exceeds industry standards. Quest performs no development in countries of security concern.
While other vendors may advertise being cyber-first, be sure to validate supply chain risk management practices, and ensure that your leadership is comfortable with the locations/countries where development is performed.
Get started now
Experience our Active Directory security solutions
Automate and accelerate Active Directory recovery. Ransomware is today's most disruptive cyber threat, and Active Directory is increasingly in its crosshairs. Quest® Recovery Manager for Active Directory Disaster Recovery Edition slashes AD forest recovery time from days or weeks to just hours, giving you peace of mind that an AD disaster will not become a business disaster.
of organizations impacted by ransomware
Average downtime due to ransomware
attempted attacks on Azure AD accounts
Fast and secure Active Directory forest recovery is vital following a cyberattack. The longer AD is down, the longer your business is down. “The restore process from many well-documented ransomware attacks has been hindered by not having an intact AD restore process," according to Gartner, which also states that you can “accelerate recovery from attacks by adding a dedicated tool for backup and recovery of Microsoft Active Directory.”
With Recovery Manager for Active Directory Disaster Recovery Edition, you can restore AD at least five times faster than the manual Active Directory forest recovery process, according to ESG Research. One reason for that is due to extensive automation, which reduces the risk of human error and having to start over as the result of those errors. Recovery Manager also protects your AD backups from compromise and eliminates the risk of malware reinfection. It’s like an insurance policy for AD that you can’t afford not to have.
This comprehensive backup software solution is ideal for helping you rapidly recover from cyberattacks that impact AD. It offers a range of recovery options, including system state restore and full server backup capabilities, providing flexibility in addressing various disaster scenarios. Recovery Manager goes beyond traditional system state backup by offering granular recovery of identity directory services, allowing you to restore specific AD components without resorting to a full domain or forest recovery.
In the case of a cyberattack, Recovery Manager proves invaluable for recovering compromised user accounts and service accounts. The solution can recover impacted accounts from pre-attack backups, even allowing for the reset of privileged account passwords to mitigate potential security breaches. This granular approach to recovery extends to deleted objects as well, enabling the restoration of specific AD objects without necessitating a complete forest or domain restore.
Recovery Manager’s versatility is evident in its multiple recovery methods, including phased recovery and the ability to restore AD to a clean operating system. This flexibility is crucial when dealing with complex ransomware scenarios that may have affected multiple domain controllers across different geographical locations. The solution's Secure Storage server feature provides air-gapped storage for AD backups, ensuring that backups remain uncorrupted and inaccessible to ransomware. Additionally, Recovery Manager can scan servers for malware before they are used in recovery and offers the option to restore AD to a Microsoft Azure virtual machine, further enhancing security during the recovery process. These advanced features, combined with its ability to perform various types of restores — from bare metal recovery to reinstalling AD on existing hardware — make Recovery Manager a powerful tool in your organization’s ransomware defense strategy.
Handle any Active Directory disaster recovery scenario, from attribute changes to SYSVOL corruption to full AD forest disasters.
Automate the Active Directory forest recovery process, including the 40+ steps outlined in Microsoft's AD forest recovery best practices.
Choose the best method for your situation, whether that’s phased recovery, restoring AD to a clean OS or bare metal recovery.
Eliminate the risk of malware re-infection throughout your AD forest recovery, scanning for malware and minimizing its hiding places.
Ensure backups are always available with multiple options for secure physical and cloud storage.
Quest has specialized in AD disaster recovery as long as AD has been around, helping thousands of customers, including 50% of the Fortune 100.
Back up exactly what you need to recover AD. By omitting extraneous and risky components like boot files and the IIS Metabase, Recovery Manager reduces backup bloat, makes the backup process more efficient and minimizes the places where malware can hide.
Protect AD backups from malware infection with Secure Storage, a hardened server that is isolated according to IPSec rules with regular checks to confirm backup integrity. Even if you lose your DCs, Tier 1 storage and even your Recovery Manager server, you still have the Secure Storage backup that is hardened and secure to withstand the ransomware attack.
Recovery Manager ensures that your AD backups are always available in case of disaster with the flexibility to store backups in secure cloud locations such as immutable Azure Blob Storage and Amazon Web Services (AWS) S3 storage.
After you back up Active Directory, you can shorten recovery time objectives with a phased Active Directory recovery approach. Quickly restore key DCs, enabling sign-in and business-critical functions as soon as possible. Then dramatically accelerate recovery of remaining DCs with automated repromotion methods.
Choose the AD disaster recovery method that works best in a given situation, whether that’s phased recovery, restoring to a clean OS to minimize the risk of malware reinfection or bare metal recovery. You can restore AD to a clean OS on any machine, whether it’s a physical machine, on-prem virtual machine or a cloud-hosted VM.
During an attack, you need to restore to a new machine you can trust. Quickly and easily create Microsoft Azure resources including virtual machines during an AD forest recovery. This enables you to recover AD to a readily available, secure and cost-effective machine that you can trust is clean from malware.
Eliminate the risk of malware re-infection throughout your AD disaster recovery process with regular checks for viruses after the backup file is created, during storage when updates are added and before a restore is started with integrated Microsoft’s Defender capabilities. If needed, you can safely pause your recovery to quarantine or remove corrupted files.
Quickly restore your domain controller’s operating system without depending on others. Recovery Manager gives AD admins more control of the recovery process, saving time and resources by eliminating dependencies on cross-departmental teams.
Restore individual attributes, such as account settings, group memberships and binary attributes, even when the object itself has not been deleted. This enables you to restore only the required attributes without restarting domain controllers.
Highlight changes made since the last backup by comparing the online state of AD with its backup or by comparing multiple backups. Accelerate recovery by quickly pinpointing deleted or changed objects or attributes. And with Change Auditor you can easily identify who made the changes.
Inspect AD for warning signs of possible issues before they become disasters by checking DC accessibility, replication, trusts and user authentication.
With Recovery Manager, you can share persistent configuration data between several instances of your recovery consoles so that you can quickly resume the last restore operation in case it was unexpectedly interrupted.
After you back up Active Directory, you can generate a detailed recovery process report, including an overview of every stage of the recovery, to gain a better understanding and more control over the project.
A solid on-premises Active Directory recovery plan alone isn’t sufficient since so many organizations are making greater use of cloud-only objects such as Azure AD groups, Azure B2B/B2C accounts, conditional access policies and more. With On Demand Recovery, you can quickly and securely back up and recover Azure AD.
Quest Professional Services ensure your Active Directory recovery plan is in place quickly and validates your forest recovery model. Whether your team lacks the technical expertise, does not have the manpower or just does not have time to configure, test and deploy your solution, our subject matter experts help you through this process using our tested implementation methodology.
Active Directory Recovery is the process of restoring Active Directory (AD) services and data after a catastrophic failure or cyberattack, such as ransomware. It involves rebuilding domain controllers, restoring AD databases, and reestablishing forest-wide services to bring the AD environment back to a functioning state. Active Directory recovery is critical because AD is the backbone of most organizations' IT infrastructure and identity services, controlling user authentication, access to resources, and application functionality.
Effective AD recovery requires careful planning, secure backups, and a rapid recovery solution like Recovery Manager to automate and accelerate the process. Manual recovery can be extremely time-consuming and error-prone, often taking days or weeks to complete. Purpose-built solutions like Recovery Manager for Active Directory Disaster Recovery Edition can significantly reduce recovery time to hours, minimize the risk of malware reinfection, and provide flexible recovery options such as phased recovery or restoring to a clean operating system. Given the increasing threat of ransomware and other cyberattacks targeting AD, having a robust and tested AD recovery plan is essential for maintaining business continuity.
Active Directory recovery encompasses several types of operations, ranging from granular object restoration to full forest recovery. For minor issues, online granular restore allows you to recover individual attributes or objects without restarting domain controllers. This is useful for correcting accidental changes or deletions. For more severe scenarios, there are multiple options for full recovery: Bare metal recovery (BMR) allows you to recover all volumes of a domain controller to new or different hardware; restore to clean OS enables you to restore AD onto a new Windows Server while reducing the risk of reinfection; and phased recovery lets you prioritize the restoration of critical domain controllers to get essential services running quickly.
Other recovery types include installing Active Directory on new servers to replace compromised DCs, uninstalling and reinstalling AD on existing servers, and repromotion of remaining DCs in a partially recovered forest. The choice of recovery method depends on the extent of the damage, the risk of malware persistence, and the organization's specific needs. Solutions like Recovery Manager for Active Directory Disaster Recovery Edition provide flexibility in choosing the most appropriate recovery method for a given situation, whether it's restoring to on-premises hardware, virtual machines, or even cloud-hosted VMs in Microsoft Azure.
Bare metal recovery (BMR) is a crucial capability of your Active Directory recovery arsenal because it allows you to recover not just the Active Directory data, but also the entire domain controller's operating system in the event of a catastrophic failure. This is especially important in rare scenarios where more than just Active Directory needs to be recovered. With BMR, you can restore a domain controller to its previous state on entirely new hardware, ensuring that all configurations, settings, and data are preserved.
Furthermore, BMR provides a more comprehensive and efficient recovery solution compared to traditional enterprise and Windows methods. It eliminates the need to manually reinstall the operating system and reconfigure the domain controller, which can be time-consuming and error-prone. By restoring both the operating system and Active Directory simultaneously, BMR significantly reduces downtime and ensures that your Active Directory infrastructure can be brought back online quickly and accurately, even in the most severe disaster scenarios. Quest allows you to restore AD to a clean OS on any machine, including physical machines, on-premises virtual machines or cloud-hosted virtual machines.
Before installing Recovery Manager for Active Directory, ensure that your system meets the following minimum hardware and software requirements.
NOTE
Minimum: 2.0 GHz
Recommended: 2.0 GHz or faster
CPU Cores
Minimum: 2 CPU cores
Recommended: 4 CPU cores
Memory
Minimum: 4 GB
Recommended: 8 GB
These figures apply only if the Active Directory domains managed by Recovery Manager for Active Directory include 1 million objects or less. Increase RAM size by 512 MB for every additional 1 million objects.
Full installation including the prerequisite software: 2.7 GB of free disk space
In case all the prerequisite software is already installed: 260 MB of free disk space
NOTE Additional storage space is required for a backup repository, at least the size of the backed-up Active Directory database file (Ntds.dit) and the SYSVOL folder plus 40MB for the transaction log files.
Installation
Targets for backup, restore, or compare operations
Microsoft .NET Framework version 4.8 or higher is needed on the console system.
NOTE: Microsoft .NET 4.8 is not required to be installed on the systems where the Forest Recovery and Backup agents are to be installed. The Secure Storage Agent does use .NET and it is recommended to install 4.8 on the Secure Storage system, but the agent will work with older versions.
Microsoft SQL Server versions
Microsoft SQL Server® is required for the following Recovery Manager for Active Directory features: Comparison Reporting and Forest Recovery Persistence.
Supported SQL Server versions:
Microsoft SQL Server components
Microsoft System CLR Types for SQL Server® 2014
If this component is not installed, it will be installed automatically by the RMAD setup.
Microsoft SQL Server Reporting Services
To display reports, Recovery Manager for Active Directory can integrate with Microsoft SQL Server® Reporting Services (SRSS) 2016, 2017, 2019, and 2022.
Microsoft Windows PowerShell version 5.0 or later
Supported versions of Change Auditor for Active Directory: from 6.x to 7.x.
If any prerequisite software is not installed, the Setup program automatically installs it for you before installing Recovery Manager for Active Directory. If the prerequisite software to be installed is not included in this release package, it is automatically downloaded.
Continuous recovery: From version 10.0.1, Recovery Manager for Active Directory together with Change Auditor can restore the deleted object(s) and continuously restores the last change (if any) that was made to the object attributes after creating the backup, using the data from the Сhange Auditor database.
The anti-virus checks are performed on the Forest Recovery Console machine running Windows Server 2016 or higher by means of antivirus software installed on the machine.
1 GB (2 GB recommended)
2 GB or more
One of the following operating systems:
Secure Storage Server
Minimum: 2.0 GHz
Recommended: 2.0 GHz or faster
CPU Cores
Minimum: 2 CPU cores
Recommended: 4 CPU cores
Memory
Minimum: 4 GB
Recommended: 8 GB
You can only use the Password and SIDHistory Recoverability Tool if Microsoft's Active Directory Recycle Bin is not enabled in your environment.
Recovery Manager for Active Directory Disaster Recovery Edition is upgradeable from version 10.0 or later.
Businesses cannot operate without Active Directory up and running. Learn why and how to develop a comprehensive Active Directory disaster recovery strategy.
Learn everything you need to know about Active Directory forest recovery, including the most common mistakes to avoid.
Discover key considerations and the essential steps to take before, during, and after a cyberattack to minimize its impact.
Dive into the 4 key areas necessary to establish a robust data recovery plan, a vital component for every organization.
Cybersecurity risk management requires identifying, assessing, and mitigating risks to your systems and data. Learn how to get started.
Every organization needs a solid ransomware recovery strategy to combat the potential devastation of ransomware attacks. Here are a few best practices to get started.