AD GPO Restore in vSphere

[hkpark]

Hi All

I had AD GPO recovery testing.
There are several situations.
* BNR server is not AD joined.
1. If you try to restore to its original location, you will not be able to connect to the LDAP server.
    - Restore to, enter the IP information, not the hostname.
    - However, if you see the restore failure log, Network Access Denied
    - User level restore is restored in this way.

2. Enter the FQDN of the guest OS in the Hosts file.
    - Still the same in the log Network Access Denied
    - User level restore is restored in this way.
    - Restore to the account part of the guest OS of the AD account and then proceed with the success.

Question.
1. Is the User Level Restore and GPO recovery procedures different?
2. Do I have to put the FQDN information in the Hosts file?
3. When backing up AD, I put the AD account and performed the backup.
 Why do I have to re-enter the AD account when I restore.
4. Is this a bug?

[DGrinev]

Hi HyungKyu,

1. Yes, they are different, since the GPOs are contained not only in AD, but in the file system of DC.
2. That's not necessary.
3. The detailed logs review is needed to check which account has been used for connection, so do not hesitate to raise a support ticket.
As you said the backup server is outside of the domain, but during the process Veeam Explorer is trying to get access into the admin share of DC, that's might be a reason why you can see Network Access Denied message in the logs. Thanks!