Sunday, January 22, 2012

Active Directory Recycle Bin Recovery

If you need to recover a deleted Active Directory object and the Active Directory Recycle Bin was not enabled before the object was deleted, this section does not apply: the Recycle Bin only retains objects that were deleted after the feature was enabled. If the Active Directory Recycle Bin feature was enabled before the object was deleted, follow the steps below to recover objects using the Active Directory Recycle Bin. Before completing the following steps, you should know a few important things:

» Restoring a deleted object using the Recycle Bin requires that the object's distinguished name or object GUID is known.

» When restoring an object, the object will be restored into the original location, unless the -TargetPath option is used. If the original location does not exist, the restore will fail.

» Restoring a container or organizational unit using the Restore-ADObject cmdlet does not restore any objects that were contained within the container or OU when it was deleted. For this functionality, either all objects need to be restored after the container or OU is restored or a domain controller can be booted into DSRM and an authoritative restore can be performed using the Restore Subtree option.

Now, if you know that an object was mistakenly deleted and it should be recovered, the following steps can be followed. For this example, we will restore a user account named Khalil Droubi. To discover the properties of this deleted object, we will use the Get-ADObject cmdlet and will filter based on the name Khalil. Also, when running the Get-ADObject cmdlet, the -Properties parameter expands the attributes listed for the query or search results beyond the default set. To restore a single deleted user object, perform the following steps:

1. Log on to the Windows Server 2008 R2 domain controller system with an account with domain administrator privileges.

2. Click Start, click All Programs, click Accessories, click the Windows PowerShell folder, right-click on Windows PowerShell, and select Run As Administrator.

3. Type cd \ and press Enter.

4. Type Import-Module ActiveDirectory and press Enter.

5. Type Get-Command *AD* -CommandType cmdlet and press Enter. This returns all of the Active Directory-related cmdlets and also returns a few more cmdlets not related to Active Directory.

6. Type Get-ADObject -SearchBase "CN=Deleted Objects,DC=companyabc,DC=com" -Filter * -IncludeDeletedObjects and press Enter. This returns all of the deleted Active Directory objects on the local domain controller in the companyabc.com domain to the PowerShell window with a default list of attributes.

7. Because we are trying to restore a deleted user account named Khalil Droubi, we can narrow the previous command by typing Get-ADObject -SearchBase "CN=Deleted Objects,DC=companyabc,DC=com" -LDAPFilter "Name=*Khalil*" -IncludeDeletedObjects and pressing Enter. This command returns all of the deleted objects that contain Khalil in the name.

8. As stated previously, if the deleted object will be restored to the original location, as is the case with a default Restore-ADObject command, the parent OU or container must be present. To determine the parent container of the deleted user object, type Get-ADObject -SearchBase "CN=Deleted Objects,DC=companyabc,DC=com" -LDAPFilter "Name=*Khalil*" -IncludeDeletedObjects -Properties LastKnownParent and then press Enter.

9. When the LastKnownParent property value is returned, if the value is a proper distinguished name, the parent still exists. If the value includes CN=Deleted Objects, the parent OU or container has also been deleted. If the LastKnownParent has been deleted, it either needs to be restored before the deleted user object or the user object needs to be restored to an alternate location using the -TargetPath option of the Restore-ADObject cmdlet.

10. Assuming that the LastKnownParent value returns an existing container to restore the object into, copy the ObjectGUID of the deleted user account to the Clipboard, type Restore-ADObject -Identity and paste the ObjectGUID, and press Enter to restore the object.
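The ten steps above, carried out as one script. This is an added example written for this page, not code from the book or the blog author; it assumes an elevated PowerShell session on a domain controller with the ActiveDirectory module, and the name filter and the fallback OU used for -TargetPath are constructed placeholders. It also adds two checks the manual procedure relies on the operator to do by eye: that the Recycle Bin feature is actually enabled for the forest, and that exactly one deleted object matches the filter before anything is restored.

```powershell
# Added example (not the book's or the blog's code): find a deleted user in the
# AD Recycle Bin, verify its LastKnownParent still exists, and restore it.
# Assumptions: elevated PowerShell on a DC, ActiveDirectory module available.
Import-Module ActiveDirectory

$NameFilter = "*Khalil*"                          # constructed placeholder (step 7)
$FallbackOU = "OU=Restored,DC=companyabc,DC=com"  # constructed placeholder for -TargetPath

# Resolve the Deleted Objects container from the domain instead of hard-coding it.
$deletedContainer = (Get-ADDomain).DeletedObjectsContainer

function Test-RecycleBinEnabled {
    # Without the optional feature, deleted objects are only tombstones and a
    # Restore-ADObject would bring back an object stripped of most attributes.
    $feature = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin Feature"'
    return [bool]($feature -and $feature.EnabledScopes)
}

function Find-DeletedUser {
    param([string]$Name)
    # Steps 6-8: search the Deleted Objects container, include deleted objects,
    # and ask for LastKnownParent so the restore location can be checked.
    Get-ADObject -SearchBase $deletedContainer `
                 -LDAPFilter "(&(objectClass=user)(name=$Name))" `
                 -IncludeDeletedObjects `
                 -Properties LastKnownParent, ObjectGUID, whenChanged
}

function Test-ParentExists {
    param([string]$ParentDN)
    # Step 9: a parent inside CN=Deleted Objects was deleted as well. Otherwise
    # confirm the DN really resolves rather than trusting the string alone.
    if (-not $ParentDN -or $ParentDN -like "*CN=Deleted Objects*") { return $false }
    return [bool](Get-ADObject -Identity $ParentDN -ErrorAction SilentlyContinue)
}

if (-not (Test-RecycleBinEnabled)) {
    throw "AD Recycle Bin is not enabled for this forest; this procedure does not apply."
}

$candidates = @(Find-DeletedUser -Name $NameFilter)
if ($candidates.Count -eq 0) { throw "No deleted user matching '$NameFilter' was found." }
if ($candidates.Count -gt 1) {
    # Refuse to guess: show the matches and let the operator tighten the filter.
    $candidates | Select-Object Name, ObjectGUID, LastKnownParent, whenChanged | Format-Table -AutoSize
    throw "More than one deleted object matches '$NameFilter'; narrow the filter before restoring."
}

$target = $candidates[0]
Write-Host "Restoring $($target.Name) (GUID $($target.ObjectGUID))"

# Step 10: restore in place when the parent exists, otherwise to the fallback OU.
if (Test-ParentExists -ParentDN $target.LastKnownParent) {
    Restore-ADObject -Identity $target.ObjectGUID
} else {
    Write-Warning "Parent '$($target.LastKnownParent)' is gone; restoring to $FallbackOU instead."
    Restore-ADObject -Identity $target.ObjectGUID -TargetPath $FallbackOU
}

# Confirm the object is back by looking it up by GUID, which survives the restore.
Get-ADObject -Identity $target.ObjectGUID -Properties DistinguishedName, whenChanged |
    Select-Object Name, DistinguishedName, whenChanged
```

If the parent OU was deleted as well and you want the user back in its original place, restore the parent first (the same lookup works with objectClass=organizationalUnit) and rerun the script; as the bullets above note, restoring a container does not bring back its former children.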

Source of Information : Sams - Windows Server 2008 R2 Unleashed
