Comprehensive data protection for all workloads
Post Reply
SvenP
Influencer
Posts: 13
Liked: never
Joined: Mar 31, 2016 12:53 pm
Full Name: Sven Putze
Contact:

Enterprise Manager - Exchange item restore - domain membership

Post by SvenP »

If we read the documentation right, to be able to restore Exchange items, the server must be member of the Active Directory of the Exchange server.

Why on earth?

I can restore Exchange items with the Veeam Backup and Recovery console without the need of the server beeing member of anything. If you need to scan the AD for mailbox info, why not ask the user for credentials? This way, we could even restore items from different Active Directories with only one Enterprise Manager server.

If someone hacks the AD and henceforth can access the Enterprise Manager, how safe are the backups at this point?
HannesK
Product Manager
Posts: 14287
Liked: 2877 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: Enterprise Manager - Exchange item restore - domain membership

Post by HannesK »

Hello,
the console and Enterprise manager work completely different in the background. That's why the requirement exists.
how safe are the backups at this point?
from which perspective? Enterprise manager cannot directly delete backup data. But an attacker could remove VMs from backup as it is possible to edit backup jobs.

Best regards,
Hannes
SvenP
Influencer
Posts: 13
Liked: never
Joined: Mar 31, 2016 12:53 pm
Full Name: Sven Putze
Contact:

Re: Enterprise Manager - Exchange item restore - domain membership

Post by SvenP »

how safe are the backups at this point?
from which perspective? Enterprise manager cannot directly delete backup data. But an attacker could remove VMs from backup as it is possible to edit backup jobs.
To my understanding the Enterprise Manager holds credentials for the Veeam Backup and Recovery server, regardless if the backup server is a domain member or not. When the Active Directory is breached, an attacker could work his way into the Enterprise Manager, decrypt the backup server credentials and move on to get hold of all the backups. Or he could just restore a VM into an unusable state.
HannesK
Product Manager
Posts: 14287
Liked: 2877 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: Enterprise Manager - Exchange item restore - domain membership

Post by HannesK »

ransomware will not do what you describe, but agree, that are valid attacks.
Post Reply

Who is online

Users browsing this forum: Google [Bot] and 225 guests