In the age of cloud, dependency on Active Directory is rapidly growing—and so is the attack surface. The threat to AD from ransomware and wiper attacks is generally understood, but the complexity of forest recovery is not. In “the good old days”, AD recovery meant recovering AD from natural disasters and operational errors. But cyberattacks changed all that. Today, it’s quite likely that every domain controller (DC) will be encrypted or completely wiped out in a matter of minutes.
So, what do you do when a cyber-attack wipes out your DCs? Microsoft provides a lengthy technical guide that details the manual-intensive process required to recover an AD forest. There’s no indication that you have done something wrong until the end, at which point you have to start over. Third-party backup tools can automate the process, but they were only built to address recovery from IT operational issues, where AD is affected but host servers are not.
With AD becoming a prime target for widespread, business-crippling attacks, it’s time to think “cyber-first”. In this technical workshop, you’ll learn the dos and don’ts of recovering AD from a cyber disaster.
Gil Kirkpatrick is the Chief Architect for products at Semperis, a leading provider of cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services on-premises and in the cloud. Gil has been building commercial products for enterprise IT for a very long time, focusing primarily on identity management and security-related products. He has been named a Microsoft MVP for Active Directory and Enterprise Mobility for each of the last 15 years, and is the author of Active Directory Programming, as well as the founder of the Directory Experts Conference. At Semperis, Gil builds products to prevent, detect, and recover from cyber-attacks on enterprise hybrid identity environments. Gil speaks on cyber-security, identity, and disaster recovery topics at IT conferences around the world.
Guido Grillenmeier is Chief Technologist with Semperis. Based in Germany, Guido has been a Microsoft MVP for Directory Services for 12 years. He spent 20+ years at HP/HPE as Chief Engineer. A frequent presenter at technology conferences and contributor to technical journals, Guido is the co-author of Microsoft Windows Security Fundamentals. He has helped various customers secure their Active Directory environments and supported their transition to Windows 10/M365 and Azure cloud services.