So You Performed A Forest Recovery. How Do You Reconnect Your AD Again With Azure AD? – The Sequel
With cybercrime on the rise, ransomware attacks that target Active Directory (AD), the primary identity store for most businesses worldwide, are as common as having a cup of coffee. In the worst-case scenario, your AD is burned to the ground, and at a minimum you hopefully have backup(s) to perform a forest recovery. Most likely, you have a hybrid identity environment with Entra ID (a.k.a. Azure AD), so what do you do next? Do you just allow synchronization to occur, or do you take precautionary measures to prevent damage in Entra ID as much as possible? Last year, I presented the best practices (WITHOUT a demo) on reconnecting AD with Entra ID after performing a forest recovery, using either Entra AD Connect Sync (a.k.a. Azure AD Connect Sync) or Entra Cloud Sync (a.k.a. Entra Cloud Sync). This year’s session will be completely focussed on demo’ing that process, starting right after a forest recovery has been executed. The attendees will be guided through the complete process. Before that, there will be a brief recap of the highlights. Topics that will be demo’ed: performing a gap analysis, recreating/fixing objects in AD, analyzing the data in Entra Connect Sync, and re-enabling sync. Something similar will also be done with Entra Cloud Sync. Any code used during the demo will be provided afterwards through a blog post. In summary, THROUGH A DEMO, attendees will see and learn:
- The next steps to take after a forest recovery
- Which backup to choose and why
- The steps to perform a gap analysis
- The steps to remediate impact
- How to use Entra Connect Sync or Entra Cloud Sync in a scenario like this