Disaster recovery scenarios
Finding a quick solution after a disaster
In the experience, Netwrix Password Secure is usually installed in IT in a central location. If the system fails, it must be possible to gain access to the passwords again as quickly as possible. This section is designed to help you quickly find a solution if a problem occurs.
Prevention
It is extremely important to create a sensible recovery plan and to make corresponding preparations. Unfortunately, it isn't possible to supply a finished recovery plan because it always needs to be created individually. The following points should be taken into account in this process:
Creating backups
It is of course essential during a disaster that you can access a backup that is as up-to-date as possible. Therefore, you must regularly create Backup management.
Who is responsible during a disaster?
The first thing to decide is who should take action during a disaster. Corresponding deputies should also be defined. The responsible employee should have the corresponding rights within Netwrix Password Secure.
Providing the required passwords
What passwords do those people responsible need to restore Netwrix Password Secure?
- Domain password to log into the specific computer
- Password for the Server Manager
- Access data for the service user
- Access data for the SQL user
- Password for logging into Netwrix Password Secure
Furthermore, it must be ensured that the responsible user has access to these passwords at all times. The following options are possible:
- Store the passwords in the company safe
- Create corresponding Offline Add-on
- Periodically create a HTML WebViewer file with automatic delivery via a system task including e-mail forwarding which can be configured in Account
Disaster scenarios
The following section will describe various disaster scenarios including the possible recovery steps.
Scenario 1
Problem:
Database is corrupt
Solution:
Restore the database from a backup.
Scenario 2
Problem:
Database server is faulty
Solution:
Install the database server on new hardware. If the server name changes as a result, the licence needs to be reactivated. If the licence has already been activated multiple times, it may be that it can only be released again by Netwrix. If the SQL instance name changes, the connection to the database server needs to be reconfigured on the application server. This is performed via the basic configuration.
Any existing offline databases will continue to function properly.
Scenario 3
Problem:
Application server faulty
Solution:
New installation on new hardware. The licence must be reactivated. If the server name has changed, it may be that the licence can only be released again by Netwrix. The basic configuration must be completed to restore the connection to the database server. If the server name changes, the database profile on the client needs to be amended.
Any existing offline databases need to be recreated.
Scenario 4
Problem:
Both servers are faulty but passwords from Netwrix Password Secure are required urgently.
Solution:
Install the database server and application server on new hardware. The licence must be reactivated. Restore the database from the backup. The basic configuration must be completed to restore the connection to the database server. If the licence has already been activated multiple times, it may be that it can only be released again by Netwrix.
Any existing offline databases need to be recreated.
Scenario 5
Problem:
As for Scenario 4 but the Active Directory is also not available.
Solution:
As described for scenario 4. If the user was imported in end-to-end mode, you can also log in without an AD connection. Users imported in Masterkey mode can't log in. Therefore, it is recommended that you create special, local emergency users for such cases.