How to Restore Deleted Active Directory Objects

How to Restore Deleted Active Directory Objects

AD Installation Overview

As the primary authentication service in the majority of organizations worldwide, the health and operational integrity of Active Directory has a direct impact on the overall security of your organization. The capability to rollback and recover from changes to your Active Directory infrastructure, whether accidental or malicious, is an important and often overlooked aspect of your ability to maintain the security and performance of your network

When Active Directory objects are deleted, they are placed in the Deleted Objects container or also known as the AD recycle bin. By default, this container is not displayed to an administrator and it must be enabled manually either using a script or the LDP.exe utility. Following the enabling of the active directory recycle bin, there are several native methods to restore deleted accounts in a windows server such as LDP.exe utility, PowerShell queries, and the Administrative Center. The simplest method to restore deleted users is to utilize the Administrative Center feature. Please see the steps below regarding how to find deleted users in active directory and restore deleted users.

Restoring a User Object using AD Administrative Center

 Step 1 – Launch the Active Directory Administrative Center ( or run dsac.exe)

Step 2 – In the Left pane select the domain in which the deleted object resided.

Step 3 – In the center pane select deleted Objects

Step 4 – Navigate and locate the user and click restore

Step 5 – Optionally you can select to restore to a specific Container

How to use StealthRECOVER for Rollback and Recovery

StealthRECOVER provides point-in-time rollback and recovery of Active Directory objects, attributes, Integrated DNS, and more, allowing organizations to restore objects in their entirety or just the granular attribute information they need.  Please see our step-by-step guide below to recover users in AD using StealthRECOVER.

Step 1 – Navigate and locate the user object you wish to restore or use our quick object search bar located in the left side of the console.

Step 2 – Select the attributes you want to rollback

Step 3 – Optionally, StealthRECOVER allows an administrator to enter a comment/note about the rollback performed and password options to force to change password, assign a new password and/or enable a user account. 

Additional Restoring Methods.

If you wish to restore using LDP.EXE utility or a PowerShell script. Please see the article linked below.

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd379509%28v%3dws.10%29

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Start a Free StealthAUDIT® Trial!

No risk. No obligation.

Privacy Preference Center

      Necessary

      Advertising

      Analytics

      Other