on 01-14-2015 03:25 AM
The Technical Services team for Backup and Recovery have produced a number of documents we call "Blueprints".
These Blueprints are designed to show backup and recovery challenges around specific technologies or functions and how NetBackup solves these challenges.
Each Blueprint consists of:
The crucial role of Active Directory
Regulatory requirements require that your organization protect sensitive information at all times, regardless of where it is stored. The key to compliance is the ability to monitor and enforce security policies at all times – a task which poses challenges for many organizations. As a critical component of most network infrastructures, Active Directory is positioned to help meet many of these requirements with greater ease and fewer headaches. Active Directory provides a central service for administrators to organize network resources, manage users, computers, and applications. Many different objects can be stored in the Active Directory, including:
You can think about AD in one of two ways — as a key part of your network wherein you spend a lot of time designing and tweaking its architecture, or simply as another database that exists on a server in your organization (in larger organizations AD would be a distributed database system).
As a database that exists on a server in your network, you should be following your best practices guidelines for backing it up and protecting it. As a key component of your network’s infrastructure, you should be planning on where it fits in the restoration chain in case you lose your network or building.
Protecting Active Directory
Protecting Active Directory is more essential than it first appears. Active Directory (AD) is the standard directory service in the Windows O/S. Exchange, SharePoint and SQL. All are dependent on its on-going good health, and yet, although we understand the necessity to protect our databases, email systems, applications – all of which are reliant on Active Directory in the Windows O/S, many organizations do not do anything specific to protect Active Directory?
Backing up Active Directory is pretty simple. However, everyone appreciates that an efficient backup and quick recovery of Active Directory to maintain business productivity is essential, and any administrator who has ever had to attempt to recover Active Directory data without such a tool is well versed on how frustrating and time consuming just the basic recovery process can be.
Should data in Active Directory corrupt – which can happen – it can have a ripple effect across the Windows environment including down to the application level of Microsoft Exchange, SQL, and SharePoint. Because Active Directory is a replicated database any human error, hardware or software failures, incorrectly modified or deleted objects, faulty scripts accidentally overwrite key Active Directory attributes can have a disastrous affect. Since it is a replicated database an accidentally deleted user account can result in a lengthy process while someone struggles to recover the Active Directory environment.
With no specific backup and recovery tool for managing Active Directory:
Adequately protecting Active Directory as the primary directory service in Windows is essential. Microsoft Exchange, SQL, and SharePoint all depend on efficient backup and quick recovery of Active Directory.
You can download the full Blueprint from the link below.