To prepare for any type of Disaster Recovery, periodic backups of the Privilege Manager (PM) reporting database should be done.
The rules are saved in the policies folder of the Domain Controller’s Sysvol directory.
The rules that have been processed are written to the registry on the client machines. The Privilege Manager client will read the rules from the registry and continue to work as normal.
Once the Privilege Manager console is installed on a machine, it will read the rules from a Domain Controller and you will be able to make changes again.
If disaster occurs and the computer where the PM server component was configured has to be rebuilt or replaced, but the machine which hosted the PM reporting database is fine, once the PM console is re-installed, run the setup again for the PM server and point it to the existing database instance which holds the PM reporting data.
If disaster occurs and the computer that the PM server component is configured on has to be rebuilt or replaced, and this is also the same machine which the database instance which contains the PM reporting data is on, once the PM console is reinstalled, then re-setup the PM server and allow it to install and build a new empty PM reporting database. Once that is done, use SQL tools to restore the most recent backup of the database to this new database instance.