What’s your Azure AD Recovery Plan? 9/13/2018 12:59 PM THR2213 What’s your Azure AD Recovery Plan? Shawny Reiner Strategic Systems Consultant Quest © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

1 4 2 20 Shawny Reiner Grandson  Grown daughters 9/13/2018 12:59 PM Grandson  Shawny Reiner Grown daughters Dogs, but one fur baby! 1 4 2 20 Years in IT! Used to be a customer and joined Quest in 2014. Redesign, restore, redecorate! © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Bad things will happen and you’ll be fine – if you’re prepared. 9/13/2018 12:59 PM Bad things will happen and you’ll be fine – if you’re prepared. © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9/13/2018 12:59 PM What’s your plan? Key strategies for managing 2 Azure AD recovery scenarios © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

1. Accidental or malicious deletions Brad didn’t know that most Azure AD (AAD) groups can’t be recovered from the recycle bin. Only Office 365 group types are recoverable. Risks With AAD, once a group is deleted, you will not be able to do a simple restore. You must use PowerShell (PoSH). Even with PoSH, you cannot restore security and distro groups You have about 30 days before the Recycle Bin times out You will permanently lose hard deleted objects

3. And… not much more you can do here! 9/13/2018 12:59 PM 3. And… not much more you can do here! 2. Limited restore capabilities and no group membership 1. No UI to restore deleted groups © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Quest On Demand – Easily recovers groups! 9/13/2018 12:59 PM Quest On Demand – Easily recovers groups! Create a solid retention policy: Use Quest On Demand to automate regular backups © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

OOPS! I deleted one of my security groups!

No problem! I can find the object on the difference report and restore!

YAY! It’s restored. Let’s have a look …

Yep, it’s back and so are it’s members! That was easy!

2. Insider or external attack Hank has been causing problems for the last week, and it’s not clear what he has changed or when. Several legitimate changes have also occurred in the environment. Risks You can’t fix what you don’t see Loss of productivity and possible security issues Loss of legitimate changes if you do a full restore or synch from on prem

Difference Report – shows legitimate changes for Alex Wilber 9/13/2018 12:59 PM Difference Report – shows legitimate changes for Alex Wilber © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Hank the Hacker made some unwanted changes! 9/13/2018 12:59 PM Hank the Hacker made some unwanted changes! © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Luckily, with Recovery - we made backups for multiple timeframes 9/13/2018 12:59 PM Luckily, with Recovery - we made backups for multiple timeframes © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

With Difference Report – we can restore just the changes we want! 9/13/2018 12:59 PM With Difference Report – we can restore just the changes we want! © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

And now Alex is restored!

What sets Quest On Demand apart? 9/13/2018 12:59 PM What sets Quest On Demand apart? © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Native vs. Quest On Demand Backup and Recovery Azure AD and Office 365 recovery Azure AD Recycle Bin Restore multiple objects at one time with easy-to-use GUI Yammer accounts B2B accounts Security groups without alias Objects with filters that prevent replication via ADC Office Groups Distribution lists and mail-enabled security groups

Native vs. Quest On Demand Backup and Recovery Azure AD and Office 365 recovery Azure AD Recycle Bin Granular restore user attributes Restore attributes not in recycle bin: select mail settings and MFA Restore hard deleted objects which bypassed the recycle bin Reporting for cloud only objects Difference reporting with restore capability Search and restore capability Reporting for objects synchronized with ADC

What our tech preview customers had to say Microsoft 2016 9/13/2018 12:59 PM What our tech preview customers had to say "Finally, a long awaited product that can take backup of Azure AD with granular restoration features as well as disaster recovery. An excellent companion to Quest RMAD.“ – Directory Services Technologist, from large financial institution “As we migrate our existing customers to the cloud, we can use Quest On Demand to give them peace of mind without another piece of software or hardware needed to install.“  – Law Murphy, Account Executive, Cloud and Disaster Recovery Consultant, Abtech “An excellent companion to Quest RMAD” © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

We’re just getting started … 9/13/2018 12:59 PM We’re just getting started … © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9/13/2018 12:59 PM What’s next? On-Premises RMAD and SaaS On Demand Backup and Recovery will work as a seamless, single recovery product! Single dashboard: shows objects in unpacked backup ADC Synch Status: shows full progress on ADC synch Differentiate: between cloud-only and hybrid objects Difference Report: will allow search capabilities GUI based select: will restore items on-prem and in the cloud © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Come to Booth #717 and meet our team! Get drinks, food and a chance to win a cool raffle prize Get expert advice on how to Get a personalized demo of Join our Tech Preview program #STOPHANK !

Please evaluate this session Tech Ready 15 9/13/2018 Please evaluate this session From your Please expand notes window at bottom of slide and read. Then Delete this text box. PC or tablet: visit MyIgnite https://myignite.microsoft.com/evaluations Phone: download and use the Microsoft Ignite mobile app https://aka.ms/ignite.mobileapp Your input is important! © 2012 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

9/13/2018 12:59 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.