PowerShell.com
Forums » Using PowerShell » Active Directory » Recovering Deleted User Ad account throught Active Directory powershell

Recovering Deleted User Ad account throught Active Directory powershell

rated by 0 users
This post has 0 Replies | 1 Follower

Top 10 Contributor
Posts 211
Top Contributor
Reply
Krishna Posted: 06-01-2009 2:53 AM

http://smtpport25.wordpress.com/2009/04/22/recovering-deleted-user-ad-account-throught-active-directory-powershell/

We can recover any Active Directory deleted object with in the Tombstone period.
Tombstone lifetime can be found in active directory using below steps

• Load the ADSIEdit snap-in by navigating to start menu, programs, Windows 2000 Support Tools, Tools, ADSI Edit, or simply type adsiedit.msc at the run command.
• Navigate down to CN=Directory Service, through Configuration, CN=Configuration,DC=domainName,DC=com, CN=Services, CN=Windows NT, right-click and choose properties. 
• scroll down to tombstoneLifetime. This will have Tombstone period

Get-QADUser -Tombstone

Will get the list of user accounts which are Deleted and residing in Tombstone

  

Get-QADUser -Tombstone <name> |restore-QADDeletedObject

Will restore the user object in to the OU LOSTANDFOUND

  

Get-QADUser -Tombstone -LastKnownParent ‘<DN of container>’
Restores all user accounts that were deleted from a particular container to OU LOSTANDFOUND.

 

 Get-QADUser –Tombstone –LastChangedOn (get-date -year 2008 -month 9 -day 1)

Restores all user accounts that were deleted on September 1, 2008

 

Get-QADUser –Tombstone  <username> | fl

Gives the complete details of the -Tombstone account which can help in finding detained information of the Tombstoned account

Page 1 of 1 (1 items) | RSS
Concentrated Tech NSoftware Dell Compellent Sponsored by Idera and Concentrated Tech and NSoftware and Dell Compellent
Copyright 2011 PowerShell.com. All rights reserved.