At some point in your career as an Active Directory Domain Administrator you will have the need to recover an AD object (user,computer,OU etc) and the last thing you want to do is an authoritive restore from backup.
In a previous post I show you how to check if the AD Recycle Bin feature is enabled and how to enable it which is the main prerequisite for this post.
In Windows Server 2012:
In Server 2012 it really easy using the Active Directory Administrative Center aka ADAC
- Open the the ADAC
- Select Deleted Objects
- Right click an object on the right and select Restore or Restore To… then select the location the object should be restored to.
In Windows Server 2008:
There are 3 ways if you’re in a Windows 2008 environment.
- Use the ADAC tools installed on a Windows 2012 Server. This will have the same result and procedure as shown above and is by far the easiest.
- Option 2 is using LPD.exe ,Microsoft has an easy to follow article detailing this procedure.
- Using PowerShell.
- use the Get-ADObject command if you want a list of deleted objects
- once found you can simply restore the object using Restore-ADObject (See Example below of a computer object being restored. Same applies to users and other AD objects )
That's It!
I hope this post has been informative for you. Send a shout out if you found this post helpful or comment if you have any questions.
Comments