ITEC 6610 - Deployment Plan: Active Directory Disaster Recovery

Verified

Added on 2022/11/15

AI Summary

This report details a deployment plan for Active Directory, crucial for disaster recovery. It outlines key considerations such as the site of recovery, type of failover, and the number of domain controllers. The plan incorporates Azure-based solutions, including multi-factor authentication, conditional access, self-service password reset, privileged identity management, single sign-on, seamless SSO, access panel, ADFS integration, Azure AD application proxy, user provisioning, and Workday driven inbound user provisioning. The report emphasizes the importance of a well-defined plan to ensure application functionality during failover events, referencing relevant literature on disaster recovery and risk management. The plan provides a structured approach to maintaining business continuity in the face of potential disruptions.

Running head: DEPLOYMENT PLAN
DEPLOYMENT PLAN
Name of the Student
Name of the university
Author note

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

1DEPLOYMENT PLAN
In order to set up disaster recovery environment, there is a requirement to find out the process
in which the Active Directory should be set up. Most of the applications are dependent on
AD and associated DNS infrastructure so that these can function in a correct manner
(Copeland et al., 2015). In this paper the deployment plan will be discussed like how to set up
Active Directory in case of different scenarios seeing to it that the applications function in a
proper manner following any such failover event. The following steps will be showing the
impact of the important factors on the decisions taken.
Site of Recovery: Configuring the protection in between the on-premises sites or it can be made
directly to the application Microsoft Azure.
Type of the Failover: The steps related to recovery and replicating the domain controllers should
be changed irrespective of what purpose it is being meant for such as for Test Failover or it can
be an Unplanned Failover.
Failover of the Unit: It depends on the rate of flexibility to the failover of the partial sites or in
case if interested only in the failover of the full site.
Number of the domain controllers in the forest region: The recommended technology for
replication vary based on the size of enterprise that is if an enterprise is big or small and these
generally consist of one domain controller or in any case if there are more than one domain
controller in the scenario (Barga et al., 2015).
The steps in the deployment plan are as follows:
1) Multi-factor authentication- The Multi-Factor Authentication of Azure is a two step solution
that performs verification.

2DEPLOYMENT PLAN
2) Conditional Access- With the option of Conditional Access, automated access control
decisions can be implemented.
3) Self-service password reset- This aids the users to reset their passwords as and when it is
required.
4) Privileged Identity Management- This aids in managing some privileged administrative role
across the Azure AD and the other available services of Microsoft Online.
5) Single sign-on- This aids the users to access all resources required for the business, signing
into the system just for once by making use of a single user account.
6) Seamless SSO- This automatically signs the users into their corporate devices that are
connected to corporate network.
7) Access Panel- This offers the users a hub discovering and accessing the applications.
8) ADFS to Password Hash Sync- The hashes of the passwords of the users get synchronized
from the on-premises Active Directory to the Azure AD.
9) ADFS to pass through authentication- This aids the users to sign into the on-premises and the
cloud based applications by making use of the same password.
10) Azure AD application proxy- This aids the users to work on their own devices at any place
they are.
11) User provisioning- Azure AD aids in automating creation, maintenance and at the same time
removal of user identities in the cloud applications.

3DEPLOYMENT PLAN
12) Workday driven inbound user provisioning- This creates a certain foundation for the ongoing
identity governance.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

4DEPLOYMENT PLAN
References
Copeland, M., Soh, J., Puca, A., Manning, M., & Gollob, D. (2015). Microsoft Azure. New
York, NY, USA:: Apress.
Barga, R., Fontama, V., Tok, W. H., & Cabrera-Cordon, L. (2015). Predictive analytics with
Microsoft Azure machine learning. Berkely, CA: Apress.