Skip to main content
Answer

WEBINAR DEMO REQUEST: Recovery from a complete bare-metal wipe of the production environment

  • April 22, 2025
  • 8 comments
  • 99 views
StoopidMonkey

I think it would be beneficial for us to see what exact steps it would take to recover from a complete loss of the production environment, as if ransomware broke through and ALL non-hardened systems are presumed compromised. The call is made to “take off and nuke the site from orbit”, wiping all hypervisors down to bare metal (it’s the only way to be sure). The only thing that survives is a hardened Linux, StoreOnce, or cloud-based object storage repository. What do you do to bring the domain online, both in non-domain-joined VMware configurations and “worst case” environments with Hyper-V hypervisors and VBR servers that are also joined to the production domain?  

Such a demo would be great to showcase 1) how to recover from complete disaster even if you’re not following best practices concerning domain segmentation, and 2) how following said practices (presumably) would save you a lot of headache in a situation like this. The article linked below covers some of this territory but doesn’t speak to the exact order of operations when it comes to AD domain controller recovery and how could impact domain-dependent hypervisors. It could also use clarity on whether or not an attempt should be made to restore the VBR or Enterprise Manager servers to their previous state via Configuration Backups, or whether the initial goal is to restore everything from a newly downloaded copy of VBR on fresh workgroup-mode install of Windows Server with just the license file applied. In high-stress recovery scenarios like these it helps to see the small details spelled out.
 

Restoring infrastructure from scratch with Veeam

Best answer by Tommy O'Shea

With any restore, Veeam is going to require a platform up and ready to restore to, whether it is a physical server, hypervisor or cloud provider. Your DR plan needs to account for what that target is going to be, and include steps for making those available, before Veeam enters the picture.

After that, you’ll need to prepare a Veeam server to perform the restores (or present the backup files if you choose to do a bare-metal restore from a Veeam repository)

For the bare-metal restores, there’s not much you can do to automate the process, you just have to do them one by one.

As for your concern about the domain controllers, it’s a good point that they could have multiple application dependent on them and as such should be brought back first. If your hypervisor is dependent on the domain controller, then you need to be prepared to restore it to an environment that is not dependent on the domain.

I understand that you’re not necessarily asking for answers to each of the questions you’ve asked, rather that you think a webinar covering these topics would be beneficial. I would agree, though I'd note that everyone environment is going to differ slightly based on design and budget, so we can’t assume that the steps required are going to be the same for everyone.

Iams3le
Tommy O'Shea

8 comments

Chris.Childerhose
Forum|alt.badge.img+21
  • Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • April 22, 2025

Have you tried searcing the Veeam YouTube channel here - (338) Veeam - YouTube

They have a ton of videos or even maybe just a search in general on YT might find something.  I am sure someone out there has done something similar but if not a good suggestion for a little project. 😉

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 6* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
Iams3le
CMF
Tommy O'Shea
StoopidMonkey
  • StoopidMonkey
  • Author
  • Not a newbie anymore
  • April 22, 2025

Have you tried searcing the Veeam YouTube channel here - (338) Veeam - YouTube

They have a ton of videos or even maybe just a search in general on YT might find something.  I am sure someone out there has done something similar but if not a good suggestion for a little project. 😉

I’ve been looking around, and the article link I posted is the closest thing that addresses what I’m looking for and it’s still short on some key details. On the YT side all videos on bare metal recovery relate to using the Veeam Agent to restore a single hypervisor or physical server, not an entire production environment with no online domain controllers or VBR servers. 

Chris.Childerhose
CMF
Tommy O'Shea
Chris.Childerhose
Forum|alt.badge.img+21
  • Chris.Childerhose
  • Veeam Legend, Veeam Vanguard
  • April 22, 2025

Have you tried searcing the Veeam YouTube channel here - (338) Veeam - YouTube

They have a ton of videos or even maybe just a search in general on YT might find something.  I am sure someone out there has done something similar but if not a good suggestion for a little project. 😉

I’ve been looking around, and the article link I posted is the closest thing that addresses what I’m looking for and it’s still short on some key details. On the YT side all videos on bare metal recovery relate to using the Veeam Agent to restore a single hypervisor or physical server, not an entire production environment with no online domain controllers or VBR servers. 

Well someone would need to make something like this then.  I would suggest reaching out to your Veeam Team or even posting in the Forums to suggest this - https://forums.veeam.com

I guess this article is the only thing out there.

Chris Childerhose - VMCA2024 | VMCE2023 | VMCE-SP2024 | Veeam Vanguard 8* | Veeam Legend 5* | VUG Canada Leader | vExpert 6* | Toronto VMUG Leader | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
Iams3le
Tommy O'Shea
Tommy O'Shea
Forum|alt.badge.img+5
  • Tommy O'Shea
  • Veeam Legend
  • Answer
  • April 22, 2025

With any restore, Veeam is going to require a platform up and ready to restore to, whether it is a physical server, hypervisor or cloud provider. Your DR plan needs to account for what that target is going to be, and include steps for making those available, before Veeam enters the picture.

After that, you’ll need to prepare a Veeam server to perform the restores (or present the backup files if you choose to do a bare-metal restore from a Veeam repository)

For the bare-metal restores, there’s not much you can do to automate the process, you just have to do them one by one.

As for your concern about the domain controllers, it’s a good point that they could have multiple application dependent on them and as such should be brought back first. If your hypervisor is dependent on the domain controller, then you need to be prepared to restore it to an environment that is not dependent on the domain.

I understand that you’re not necessarily asking for answers to each of the questions you’ve asked, rather that you think a webinar covering these topics would be beneficial. I would agree, though I'd note that everyone environment is going to differ slightly based on design and budget, so we can’t assume that the steps required are going to be the same for everyone.

Tommy O’Shea, VMCE, VMCE-SP, VMCA
Chris.Childerhose
Iams3le
lukas.k
T
  • TWuser
  • New Here
  • April 22, 2025

Definitely could be useful, but would have to be done in a fairly generic way.  Probably a concept I should document myself for our DR plan, but it would only be 1 scenario out of many, and would be the very last resort considering data would definitely be lost and downtime would be significant.   

The most useful part would probably be the stuff less thought about, like how to ensure everything you recover is free and clean of ransomware/etc, which could show off some of the more recent antivirus tools Veeam has integrated.  

 

Tommy O'Shea
lukas.k
Forum|alt.badge.img+12
  • lukas.k
  • Influencer
  • April 22, 2025

With any restore, Veeam is going to require a platform up and ready to restore to, whether it is a physical server, hypervisor or cloud provider. Your DR plan needs to account for what that target is going to be, and include steps for making those available, before Veeam enters the picture.

After that, you’ll need to prepare a Veeam server to perform the restores (or present the backup files if you choose to do a bare-metal restore from a Veeam repository)

For the bare-metal restores, there’s not much you can do to automate the process, you just have to do them one by one.

As for your concern about the domain controllers, it’s a good point that they could have multiple application dependent on them and as such should be brought back first. If your hypervisor is dependent on the domain controller, then you need to be prepared to restore it to an environment that is not dependent on the domain.

I understand that you’re not necessarily asking for answers to each of the questions you’ve asked, rather that you think a webinar covering these topics would be beneficial. I would agree, though I'd note that everyone environment is going to differ slightly based on design and budget, so we can’t assume that the steps required are going to be the same for everyone.

Totally agreed here. The tools are available but it all comes down to the individual concept with specific KPIs.

 

I have blueprints available, in case of interest please feel free to reach out but we have to chat before in any case.

LK | Former Veeam Vanguard | Security Specialist
Tommy O'Shea
Iams3le
Forum|alt.badge.img+11
  • Iams3le
  • Veeam Legend
  • April 24, 2025

Have you tried searcing the Veeam YouTube channel here - (338) Veeam - YouTube

They have a ton of videos or even maybe just a search in general on YT might find something.  I am sure someone out there has done something similar but if not a good suggestion for a little project. 😉

I’ve been looking around, and the article link I posted is the closest thing that addresses what I’m looking for and it’s still short on some key details. On the YT side all videos on bare metal recovery relate to using the Veeam Agent to restore a single hypervisor or physical server, not an entire production environment with no online domain controllers or VBR servers. 

Well someone would need to make something like this then.  I would suggest reaching out to your Veeam Team or even posting in the Forums to suggest this - https://forums.veeam.com

I guess this article is the only thing out there.


I agree with ​@Chris.Childerhose here! What you want is a strong example of how customers have successfully executed full recoveries using Veeam Backup & Replication (VBR). There are lots of real-world testimonials where organisations were able to restore their environments from the ground up, validating the reliability and completeness of VBR as a disaster recovery solution. Below are some links, and a quick search will prompt the answer you want.
https://www.purestorage.com/de/customers/rcwilley.html
https://cybersecasia.net/case-study/maxims-critical-data-recovery-made-easy-with-veeam/
https://www.veeam.com/resources/customer-stories/evalueserve-reduces-recovery-time-by-99-percent-and-resolves-issues-proactively-in-virtualised-environment-with-veeam.html
- https://www.veeam.com/resources/customer-stories/eczacibasi-group.html
https://www.veeam.com/de/resources/customer-stories/christof-holding-success-story.html
 

While these stories are clear, ​the article from @HannesK which you have shared adds great clarity to this topic. Thank you for bringing this idea to the table. Moving forward, I plan to create my own blog post that will explore these scenarios in more depth to further support and expand on the points you’ve outlined.

[Microsoft MVP 2x | Veeam Legend (2021 -2025) | VMware vExpert 5x | Cisco Champion 3x | Object First Ace 2x]
Chris.Childerhose
Tommy O'Shea
StoopidMonkey
lukas.k
Forum|alt.badge.img+12
  • lukas.k
  • Influencer
  • April 24, 2025

An update on this: We are currently working on some ideas of a live demo that will also be recorded. We don’t just want to show how to restore data using VBR but we also want to go a step further and deep dive into different scenarios and possibilities.

 

As soon as we have an update I’ll let you know.

LK | Former Veeam Vanguard | Security Specialist
Tommy O'Shea
StoopidMonkey
T
Terms & ConditionsAccessibility statement