AD Rollback and Recovery
When I worked as an Active Directory (AD) Architect for over a decade, one of the most challenging tasks I experienced was the inability to easily and safely undo the mistakes administrators and I made. While Microsoft does provide some capabilities for recovering deleted objects with the AD recycle bin, it still does not offer an easy way to rollback and recover from other changes, including rolling back attribute changes for a user or group.
For example, have you ever made a change to the department, group, and address of an employee due to a status change—and then realized you updated the wrong individual? Did you record what the original attributes were? If you’re like me, probably not and you’d be left with no easy way to restore them. And that’s a low impact scenario. What if you mistakenly changed the attributes of hundreds or even thousands of employees? Then, you’d have a serious problem on your hands without Active Directory rollback and recovery.
Introducing StealthRECOVER for AD Rollback and Recovery
Today, we are pleased to announce that StealthRECOVER, the newest addition to STEALTHbits’ Active Directory Management and Security Portfolio, is now available for a free 60-day Right-to-Use License. StealthRECOVER is a comprehensive, yet easy-to-use Active Directory rollback and recovery solution that enables administrators to quickly and safely rollback and recover from malicious or unintended changes to Active Directory objects and attributes.
Key features in StealthRECOVER for Active Directory rollback and recovery include:
- Active Directory Snapshots – Govern when and how directory back-ups are performed, with visibility into back-up history and changed objects. By leveraging multiple directory snapshots and full text search, organizations can easily find and restore only the information they need.
- Object Recovery – Enable administrators to quickly and easily recover deleted objects in Active Directory, fully reanimated with all attributes and settings restored to the last backup state.
- Object Rollback – Comprehensive rollback options for objects in Active Directory means objects can be rolled back to any recorded state complete with attributes, group memberships, and settings.
- Attribute Rollback – Seamlessly rollback attributes in Active Directory to any recorded state including last, previous, and anytime a backup has been recorded.
- Permissions Change Tracking and Rollback – Track Access Control List changes to objects and rollback any unintended or malicious actions.
- DNS Rollback and Recovery – Protect and recover Active Directory integrated DNS with the ability to roll back to any recorded state including last, previous, and anytime a backup has been recorded. With the ability to rollback DNS entries, organizations can prevent spoofing, man in the middle attacks, and data loss due to accidental change or malicious attack.
- GPO Rollback and Recovery – Rollback Group Policy Objects to restore them to their prior state. Leverage point in time recovery options for deleted Group Policy Objects, without downtime.
To try StealthRECOVER, download your free 60-day right-to-use license now*: http://bit.ly/2oBRb14
To learn more, please visit: https://www.stealthbits.com/products/stealthrecover-active-directory-rollback-recovery
*The initial license is 14-days with an automatic extension upon contacting firstname.lastname@example.org.
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.