PowerShell: Recover Deleted Active Directory Objects

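# Settings for this walkthrough. $domain, $ltd and $dc are only referenced by the
# commented-out alternative below; $userToRecover is the value the restore filters match on.
$domain="kimconnect"
$ltd="com"
$dc="dc01"
$userToRecover="Tom Cruise"

# Enable Active Directory Recycle Bin
# Caution: enabling the Recycle Bin is a forest-wide change that cannot be switched off again,
# and -Confirm:$False suppresses the prompt that would normally point this out. It requires a
# forest functional level of Windows Server 2008 R2 or later. Objects deleted before the
# feature was enabled cannot be brought back with Restore-ADObject afterwards.
# Alternative form that names the forest explicitly:
# Enable-ADOptionalFeature 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target "$domain.$ltd" -Confirm:$False
$forest = Get-ADForest -Current LocalComputer
$recycleBin = Get-ADOptionalFeature -Filter 'name -like "Recycle Bin Feature"'
if (-not $recycleBin.EnabledScopes) {
    # No enabled scope reported: enable the feature, sending the request to the forest's
    # domain naming master as the original one-liner did.
    Enable-ADOptionalFeature "Recycle Bin Feature" -Server $forest.DomainNamingMaster -Scope ForestOrConfigurationSet -Target $forest -Confirm:$False
}
else {
    # Already enabled: skip the call so the script can be re-run safely.
    Write-Verbose "Recycle Bin Feature is already enabled; nothing to change."
}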

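# Find deleted objects
# Both queries are read-only. The first lists everything flagged as deleted except the
# "Deleted Objects" container itself and returns all attributes, so values such as
# lastKnownParent and whenChanged can be checked before anything is restored. The second
# matches every object that carries an msDS-LastKnownRDN value.
Get-ADObject -Filter 'isdeleted -eq $true -and name -ne "Deleted Objects"' -IncludeDeletedObjects -Properties *
# The dash in front of IncludeDeletedObjects was a typographic en dash; a plain ASCII hyphen
# survives copy/paste and file re-encoding.
Get-ADObject -LDAPFilter "(msDS-LastKnownRDN=*)" -IncludeDeletedObjects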

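# Restore user
# Matches on displayName; -like without a wildcard matches the exact value only.
# NOTE(review): displayName is expected to survive on a deleted object only when the Recycle
# Bin was enabled before the deletion - confirm against your forest.
# The isDeleted clause keeps live objects with the same display name out of the pipeline,
# because -IncludeDeletedObjects adds deleted objects to the search instead of limiting it
# to them.
# Every match is restored. Add -WhatIf to Restore-ADObject for a dry run first, and confirm
# the deletion was not intentional (for example offboarding): a restored account can regain
# its earlier group memberships and access.
Get-ADObject -Filter {isDeleted -eq $true -and displayName -like $userToRecover} -IncludeDeletedObjects | Restore-ADObject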

# Restore using ntdsutil
# This is a separate recovery path from the Recycle Bin cmdlets in this script: the DN below
# is a hard-coded sample and is not derived from $userToRecover.
# NOTE(review): an authoritative restore is normally run on a domain controller started in
# Directory Services Restore Mode, after the directory database has been restored from
# backup, and newer ntdsutil versions expect "activate instance ntds" first - confirm the
# procedure for your OS version before running this line.
# NOTE(review): the DN contains a space ("Steve Ardis"); verify that ntdsutil receives it as
# a single value - the DN may need its own quotes inside the "restore object" argument.
$dnPath="CN=Steve Ardis,ou=Users,dc=dc,dc=local"
ntdsutil "authoritative restore" "restore object $dnPath" q q

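# Restore using PowerShell
# Looks the deleted account up by sAMAccountName instead of displayName. $userToRecover is set
# to a display name ("Tom Cruise") at the top of the script; for this lookup it has to hold
# the account's logon name, otherwise the filter is unlikely to match anything.
# The isDeleted clause limits the result to deleted objects, so a live account with the same
# logon name is never piped into Restore-ADObject.
# Add -WhatIf to Restore-ADObject for a dry run, and review the restored account's group
# memberships afterwards.
Get-ADObject -Filter 'isDeleted -eq $true -and samaccountname -eq $userToRecover' -IncludeDeletedObjects | Restore-ADObject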
