How to Restore Deleted Active Directory objects

The manual process via LDP by Microsoft

Step 1: Locate the deleted object

Run LDP using a Domain Administrator or Enterprise Administrator account >> connect to the correct Domain Controller >> bind using the correct credentials >> Browse >> Search >> Base DN = CN=Deleted Objects,DC=domain,DC=domainsuffix >> Filter = (objectclass=user) >> Scope = One Level >> click Options >> Attributes = * >> Search Call Type = Extended >> select Display Results >> click Controls >> Load Predefined = Return deleted objects >> control OID 1.2.840.113556.1.4.417 >> click Check In >> OK >> OK >> rerun the LDP search >> copy the DN of the desired object into Notepad

Step 2: Reanimate the tombstoned object

Run LDP using a Domain Administrator or Enterprise Administrator account >> Browse >> Modify >> DN = the DN found in the prior step >> Operation = Delete >> Attribute = isDeleted >> click Enter >> Operation = Replace >> Attribute = distinguishedName >> Values = CN=User Name,CN=Users,DC=domain,DC=local (the original DN value prior to deletion) >> click Enter >> tick the Extended checkbox so the loaded control is sent with the modify >> click Run
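The same two steps as a script, added here as an example and not part of the original article: it uses System.DirectoryServices.Protocols from PowerShell, searches the Deleted Objects container with the same Return deleted objects control, rebuilds the original DN from the tombstone's CN and lastKnownParent, and then issues the isDeleted delete plus distinguishedName replace in one modify. $Server, $SamAccountName and $DeletedBase are placeholders for your own domain; it assumes a Domain Admin account on a domain-joined host.

```powershell
# Added example (not the article's own): the two LDP steps above from PowerShell.
# $Server, $SamAccountName and $DeletedBase are placeholders; run as a Domain Admin.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$P = 'System.DirectoryServices.Protocols'

$Server         = 'dc01.domain.local'                      # placeholder DC
$SamAccountName = 'jdoe'                                   # placeholder deleted user
$DeletedBase    = 'CN=Deleted Objects,DC=domain,DC=local'  # placeholder domain

$conn = New-Object "$P.LdapConnection" -ArgumentList $Server
$conn.SessionOptions.Signing = $true   # sign and seal the LDAP session
$conn.SessionOptions.Sealing = $true
$conn.Bind()                           # bind with the current credentials

# Step 1: find the tombstone. The Show Deleted Objects control
# (OID 1.2.840.113556.1.4.417) is what makes tombstones visible to the search.
$search = New-Object "$P.SearchRequest"
$search.DistinguishedName = $DeletedBase
$search.Scope  = 'OneLevel'
$search.Filter = "(&(objectClass=user)(isDeleted=TRUE)(sAMAccountName=$SamAccountName))"
$search.Attributes.AddRange([string[]]('cn', 'lastKnownParent'))
$search.Controls.Add((New-Object "$P.ShowDeletedControl")) | Out-Null

$entries = $conn.SendRequest($search).Entries
if ($entries.Count -ne 1) { throw "Expected one tombstone for $SamAccountName, found $($entries.Count)" }
$tomb = $entries[0]

# Rebuild the original DN: a tombstone's CN is "<old CN>\0ADEL:<guid>" and
# lastKnownParent records the container the object was deleted from.
$oldCn     = $tomb.Attributes['cn'].GetValues([string])[0].Split([char]0)[0]
$restoreDn = "CN=$oldCn," + $tomb.Attributes['lastKnownParent'].GetValues([string])[0]

# Step 2: reanimate with one modify: delete isDeleted, replace distinguishedName.
$delIsDeleted = New-Object "$P.DirectoryAttributeModification"
$delIsDeleted.Name = 'isDeleted'
$delIsDeleted.Operation = 'Delete'

$setDn = New-Object "$P.DirectoryAttributeModification"
$setDn.Name = 'distinguishedName'
$setDn.Operation = 'Replace'
$setDn.Add($restoreDn) | Out-Null

$modify = New-Object "$P.ModifyRequest"
$modify.DistinguishedName = $tomb.DistinguishedName
$modify.Modifications.Add($delIsDeleted) | Out-Null
$modify.Modifications.Add($setDn) | Out-Null
$modify.Controls.Add((New-Object "$P.ShowDeletedControl")) | Out-Null
$conn.SendRequest($modify) | Out-Null
Write-Host "Reanimated $($tomb.DistinguishedName) as $restoreDn; re-add group memberships by hand"
```

The modify fails if the lastKnownParent container no longer exists, and the rebuilt RDN is not escaped, so an old CN containing commas or other DN-special characters needs to be escaped before use.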

The automatic process via AdRestore by Sysinternals

Step 1: Locate the deleted object

Run CMD as a Domain Administrator >> adrestore {username}

Step 2: Reanimate tombstoned object

Run CMD as a Domain Administrator >> adrestore -r {username}

Notes:
- A server object's tombstone is not moved to the CN=Deleted Objects container when the object is deleted
- A restored user object's group memberships must be re-added after the object has been recovered
