The Dos and Don’ts of Recovering Active Directory from a Scorched Earth Disaster
Date: Wednesday, May 27th at 9am PDT / 12noon EDT
In the age of cloud, dependency on Active Directory is rapidly growing—and so is the attack surface. The threat to AD from ransomware and wiper attacks is generally understood, but the complexity of forest recovery is not. In “the good old days”, AD recovery meant recovering AD from natural disasters and operational errors. But cyberattacks changed all that. Today, it’s quite likely that every domain controller (DC) will be encrypted or completely wiped out in a matter of minutes.
So, what to do you when a cyber-attack wipes out your DCs? Microsoft provides a lengthy technical guide that details the manual-intensive process required to recover an AD forest. There’s no indication if you do something wrong until the end, at which point you have to start over. Third-party backup tools can automate the process, but they were only built to address recovery from IT operational issues, where AD is affected but host servers are not.
With AD becoming a prime target for widespread, business-crippling attacks, it’s time to think “cyber-first”. In this technical workshop, you’ll learn the dos and don’ts of recovering AD from a cyber disaster.
- Recover AD even if domain controllers are infected or wiped
- Restore AD to alternate hardware (virtual or physical)
- Eliminate reinfection of malware from system state backups
- Automate the entire recovery process and reduce downtime
About the presenters:
Guido Grillenmeier, Chief Technologist, DXC Technology
Guido Grillenmeier is a Chief Technologist within the Enterprise Services Group at DXC Technology, a company formed in 2017 from the Enterprise Services division of HPE and CSC. Based in Germany, Guido deals primarily with global Windows infrastructure deployments for large enterprise customers. He has helped various customers to secure their Active Directory, make the move to 64-Bit Windows and Windows 10, and to utilize virtualization solutions at scale.
Gil Kirkpatrick, Microsoft MVP & Chief Architect, Semperis
Gil Kirkpatrick is the Chief Architect for products at Semperis, a leading provider of cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services on-premises and in the cloud. Gil has been building commercial products for enterprise IT for a very long time, focusing primarily on identity management and security-related products. He has been named a Microsoft MVP for Active Directory and Enterprise Mobility for each of the last 15 years, and is the author of Active Directory Programming, as well as the founder of the Directory Experts Conference. At Semperis Gil builds products to prevent, detect, and recover from cyber-attacks on enterprise hybrid identity environments. Gil speaks on cyber-security, identity, and disaster recovery topics at IT conferences around the world.