About DLO emergency restore and recovery passwords

DLO's Emergency Restore feature is used to recover Desktop Agent user data from the File Server in the event that the configuration database is lost. Emergency Restore can also simplify the task of restoring user data for the users that have been deleted from the DLO Administration Console. To use the Emergency Restore feature, a Recovery Password must have been established before the database was lost or the user was deleted. If user data is restored from another media, you must use the Recovery Password that was in effect when the user data was backed up to recover the data.

A Recovery Password is established when the DLO Administration Console is first launched. For older versions of DLO, a recovery password had to be manually established using the DLO command line interface. The recovery password is used to encrypt each user's encryption key so the key can safely be stored on the File Server. DLO encrypts user data using a user-specific, randomly generated encryption key. The encryption keys are stored in DLO's configuration database on the media server. The encryption-keys are also stored, in encrypted form, on the File Server.

The Emergency Restore feature prompts the administrator for the Recovery Password, which is used to decrypt the user's encryption key. The encryption key is then used to decrypt the user's data. If a recovery password has not been established the Emergency Restore feature cannot be used to restore encrypted user data.