When the Symantec Endpoint Protection Manager (SEPM) is integrated with Threat Defense for Active Directory (TDAD), additional considerations need to be made during disaster recovery.

The following steps should be applied, depending on the disaster recovery media available.

Only Recovery File restore

1. Create a backup of the SEPM Server Private Key Backup recovery files
2. Uninstall SEPM
3. Re-install SEPM on the same machine and then use the recovery back up
4. Re-register the SEPM with TDAD and re-assign the appropriate TDAD policy to clients/groups

Only Recovery File & DB  restore

1. Create a backup of the SEPM Server Private Key Backup recovery file and database
2. Uninstall SEPM
3. Re-install SEPM on the same machine and then use the recovery back up
4. Now restore the DB
5. After the restore has completed and during the Management Server Configuration Wizard select the Server Private Key Backup recovery file.
6. Once TDAD has communicated with the SEPM, policies can be re-assigned from TDAD to SEP clients/groups.