> Software > Protect > Identity > Active Directory > Forest recovery for Active Directory > Runbooks

Modifying Active Directory forest recovery runbook settings

Runbook settings include domain credentials and domain controller restore configurations. Also, you can skip runbook steps, and you can pause after a runbook step is completed.

Go to the runbook settings

  1. From the Command Center navigation pane, go to Protect > Active Directory.

    The Overview page appears.

  2. On the Forests tab, click the forest.

    The forest page appears.

  3. On the Runbooks tab, click the runbook.

    The runbook page appears.

  4. Click the Runbook settings tab.

Specify domain credentials

Domain credentials are user accounts that have administrative access to your AD domains. The domain credentials are used during domain controller promotions and may be used to perform runbook configuration steps if they cannot be completed using the System account.

Note

Because cross-domain authentication is disrupted during a forest recovery, for each domain, specify a separate credential that is a privileged AD user account local to that domain, preferably an account that belongs to the Domain Admins group in the local domain.

  1. In the Domain credentials section, click Configure domain credential.

    The Active Directory credential dialog box appears.

  2. For Credential, select the credentials to use.

  3. Click Submit.

Configure DNS hosting type

You can configure the runbook to use either Active Directory-integrated DNS or an external DNS server during forest recovery.

When external DNS is configured:

  • Recovered domain controllers are automatically pointed to the specified DNS server during recovery

  • The runbook pauses to allow DNS record updates

  • DNS validation is performed before recovery continues

For more information, see Domain Name System (DNS) considerations.

To configure the DNS hosting type, follow these steps:

  1. On the Runbook settings tab, in the Configuration tile, click Edit edit button outline grey/gray pencil.

  2. Select one of the following options:

    • Active Directory-Integrated DNS

    • External DNS (Infoblox, BIND, other appliance)

  3. If you selected External DNS, in the External DNS server IP address, enter the IP address of the external DNS server that recovered DCs should use during recovery.

  4. Click Save.

Configure a skip or pause for a runbook step

Runbook steps are automatically generated based on the recovery options that are configured on the runbook topology and runbook settings tabs.

  • To skip a step in the runbook, enable the Skip toggle key beside the runbook step.

  • To configure a pause in the runbook, enable the Pause afterward toggle key beside the runbook step.

    When you recover a forest, the forest recovery process pauses after each step that is configured with a pause and waits for user confirmation before continuing.

Export a runbook to a PDF or excel file

Export the AD forest recovery runbook to PDF or excel to make it easier to access, share, and review.

  1. On the Runbooks tab, click the runbook you want to export.

    The detailed view of runbook appears.

  2. On the Runbook steps tab, on the top-right corner of the runbook steps view, click the Export button action button.

  3. Choose the format:

    • Export to PDF – for a printable, read-only version

    • Export to Excel – for editable tabular data.

  4. The file is automatically downloaded to your browser’s default download location.

×

Loading...