Cayosoft Guardian Forest Recovery

Immediate Active Directory Forest Recovery Software

Including Immediate Object and Attribute, Domain Controller, and Forest Recovery

When your Active Directory (AD) or Azure Active Directory (Azure AD) stops working, every second matters. Business is at a standstill and users lose all access to applications and resources necessary to work and communicate, resulting in costly outages and lost business. No matter the cause, the continued success of your organization depends on the resilience of directories and integrated enterprise services.

Designed to protect your business from costly AD outages caused by ransomware cyberattacks, wiper cyberattacks, and directory data corruption, Cayosoft Guardian Forest Recovery is an all-in-one, immediate recovery solution for all Microsoft directories, on-premises AD, hybrid AD, and Azure AD, and all major directory recovery scenarios, including AD object and attribute, partition, domain controller (DC), and forest recovery. Cayosoft Guardian Forest Recovery also includes continuous change monitoring to allow for quick detection and rollback of mistakes or malicious changes, preventing outages or attacks before they happen.

Key Features

Immediate AD Forest Recovery Automation with Advanced Planning

Fast forest recovery with comprehensive automation and advanced backup and recovery plans needed for immediate and accurate recovery, in all key Microsoft directory recovery scenarios. Advanced automation capabilities allow for accelerated, secure recovery, remove human error, and minimize costly business interruptions. With Cayosoft Guardian Forest Recovery, automate your entire forest recovery process and get back to business up to 10 times faster than native recovery and most other recovery processes. With backup and recovery plans, you can immediately restore any AD or Azure AD objects or attributes and define how to immediately restore domain controllers (DCs), DSRM passwords, FSMO roles, DNS, RID pool, site topology, and other critical tasks.

True Hybrid Change Monitoring and Recovery

The only platform that delivers an all-in-one recovery solution for on-premises AD, hybrid AD, and Azure AD scenarios including immediate object and attribute recovery, DC recovery, and full forest recovery, as well as continuous change monitoring. Using Cayosoft’s single interface reduces cost and complexity, making AD and Azure AD recovery faster and easier. Cayosoft Guardian Forest Recovery allows you to ensure the availability and integrity of all your directories, by having to only maintain and manage one platform, all while reducing your attack surface and avoiding costly business interruptions. With continuous change monitoring and immediate recovery combined, you can quickly identify and immediately rollback malicious changes or misconfigurations, whether on-premises or in the cloud.

Ideal Active Directory Backups

Collecting only what is needed reduces the data stored, speeding the recovery process without introducing possible malware-infected components. In today’s climate, ransomware attacks are a major threat to every organization and when your Active Directory is down, your business stops. To ensure the restoration of business operations, you require an AD recovery plan that takes less time and eliminates the risk of malware reinfection. Cayosoft Guardian Forest Recovery provides the safest and most efficient means of recovery. Simplify and streamline the recovery process with smaller backups that only collect, store, and process the data necessary for you to recover your AD forest.

Clean Restore Anywhere

Restore to clean Windows servers, ensuring a secure and rapid recovery, while preventing reintroduction of malware. Restoration to an on-premises physical server, virtual machine (VM), or to an Azure VM provides the ultimate recovery flexibility. When your Active Directory gets attacked, cyber threat actors often seek ways to spread like escalating privileges, moving laterally, and corrupting additional servers, creating risk of reinfection when restoring your AD forest. With Cayosoft Guardian Forest Recovery, choose which recovery process is best for your situation. Quickly recover your AD to clean, trusted hardware anywhere, whether virtual or physical, on-premises or in the cloud. This eliminates the risk of reintroduction of rootkits, ransomware, and other malware and significantly reduces the forest recovery process.

Immediate Granular Object and Attribute-Level Restore

Immediate, granular recovery of AD or Azure AD objects and attributes, like group memberships, account settings, changes to Azure AD policies, Microsoft license assignments, and Microsoft Teams memberships, enables fast recovery. Active Directory object and attribute recovery goes beyond the basic capabilities of the native recycle bin “undelete” feature. Cayosoft Guardian Forest Recovery’s granular restoration minimizes the effects of outages by quickly identifying problems and immediately rolling back smaller, more frequent mistakes or malicious changes caused by insider threats or cyberattacks. Eliminate downtime and negative impact on network users and stop attackers before they have a chance to act.

Isolated Virtual Labs for Disaster Recovery (DR) and Other Testing

Define recovery plans to create production AD forest duplicates, test and document recovery procedures, and create virtual labs for other changes to domains or forests. With malware incidents on the rise and attackers gaining sophistication, having a validated disaster recovery (DR) plan is a critical to ensuring business continuity. Be prepared for when, not if, the inevitable forest outage happens. With Cayosoft Guardian Forest Recovery easily and frequently test your DR plan’s effectiveness, in a replicated environment and in virtual labs, ensuring recovery can be performed when needed. Prevent costly production outages by isolating the recovery environment from the production forest environment. Use virtual forest test labs to test disaster scenarios and other changes that have the potential to cause outages, such as schema changes, application upgrades, changes to AD capabilities, and scripted operations.

Want to learn about the other features of Cayosoft Guardian Forest Recovery?

In addition to AD domain and forest recovery, Cayosoft Guardian Forest Recovery also includes all the features in Cayosoft Guardian. Learn more about Cayosoft Guardian, the base of our all-in-one recovery solution, here.


is the average cost to recover from a ransomware attack



days is the average downtime a company experienced, of material business disruption, following a ransomware incident



pages is the length of the technical guide PDF, provided by Microsoft, to natively recovery AD forests

How Cayosoft Compares

One Solution for All Active Directory Recovery Scenarios


Time-consuming and error-prone process. Microsoft’s AD Forest Recovery Guide details a lengthy, complicated process spanning multiple threads and numerous steps.

Common Result: Costly outages and downtime that bring business operations to a screeching halt

Multiple installations, typically three to five different products, and complex backup architectures, across numerous disconnected interfaces

Common Result: Increased costs and complexity. Navigating between consoles can delay recovery leading to mistakes, creating areas for attackers to invade 


All-in-one, AD and Azure AD immediate object and attribute recovery, partition recovery, domain controller recovery, and automated, immediate full forest recovery. Cayosoft Guardian Forest Recovery was designed to do it all, in a single interface.

Others Who Trust Cayosoft

Guardian Forest Recovery FAQ

AD domain controllers run Windows Server 2012 R2, 2016, 2019 and 2022.

Cayosoft Guardian Forest Recovery only saves data related to Active Directory like the AD database, registry, and system volume (SYSVOL). The backup file is optimized for performance and security by omitting other system state components, any applications, and their date.
Cayosoft Guardian Forest Recovery’s backup file only stores data related to Active Directory, like the AD database, registry, and system volume (SYSVOL). For a new AD domain, without any users, groups, and data on SYSVOL, the backup file size is typical around 300 – 400 MB.

Follow the “3-2-1 rule.” Keep at least 3 copies, or versions, of data stored, on 2 different pieces of media, 1 of which is off-site. With Cayosoft Guardian Forest Recovery you can easily do this, by configuring it to back up to two different file storages and then archive one of these storages off-site.

Check out these relevant resources.


All-In-One, Immediate AD Recovery Solution

Cayosoft Guardian Forest Recovery is the only solution for Active Directory and Azure Active Directory continuous change monitoring, immediate object and attribute recovery, partition recovery, domain controller recovery, and automated, immediate full forest recovery.

On-Demand Webinar

Achieving Active Directory Resilience with Immediate Forest Recovery

As cyberattacks continue to increase, it is no surprise establishing cyber resilience has become a top priority for organizations. In this session, learn more about AD and Azure AD recovery and the crucial role it plays in strengthening your resilience.


Cayosoft Launches Innovative, New Solution for Immediate Full AD Recovery

Cayosoft Guardian Forest Recovery delivers continuous change monitoring and immediate recovery for Active Directory, hybrid AD, and Azure Active Directory, in a single solution.