Undeleting a Container Object
You want to undelete a container object such as an OU that contained other objects when it was deleted.
Using a graphical user interface
Use the steps in Recipe 17.19 to first undelete the container object. Then undelete each individual child object that was contained within the container, specifying the container's DN in the restored object's DN. Alternatively, perform a System State restore and use ntdsutil to mark the restored OU as authoritative, as described in Recipe 17.5.
Using a command line interface
> adfind -default -rb "cn=Deleted Objects" -f "(name=<ContainerRDN>*)" -showdel -dsq | admod -undel
> adfind -default -rb "cn=Deleted Objects" -f "(lastKnownParent=<ParentContainerDN>)" -showdel -dsq | admod -undel
When you delete an Active Directory container object, any child objects housed within that container are deleted along with it. Restoring an entire OU, for example, therefore requires you to restore both the container itself and all of the child objects contained within it. This is relatively simple to perform from the command line, since you can restrict your query to those objects that have the appropriate value listed in the lastKnownParent attribute. However, just as when you reanimate an individual object, each of these child objects will need to have its individual attributes re-established. Therefore, when restoring a container object, your most efficient method will be to perform a System State restore and to use ntdsutil to mark the restored OU as authoritative.
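The same container-then-children sequence can be scripted with the ActiveDirectory PowerShell module. This is an added example, not part of the original recipe; it assumes that module is available, and the function names Restore-DeletedTree and Restore-DeletedContainer and the sample DNs are hypothetical. It goes one step beyond the two adfind commands by descending into nested containers, and the restored objects still need their attributes re-established as described above.

```powershell
# Added example: assumes the ActiveDirectory module and rights to restore deleted objects.
Import-Module ActiveDirectory

function Restore-DeletedTree {
    # Hypothetical helper: restores one deleted object by GUID, then every deleted
    # object whose lastKnownParent is the restored DN, descending into nested containers.
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][guid]$ObjectGuid,
          [Parameter(Mandatory)][string]$DeletedObjectsDn)

    if (-not $PSCmdlet.ShouldProcess("$ObjectGuid", 'Restore deleted object')) { return }
    Restore-ADObject -Identity $ObjectGuid -Confirm:$false
    # Re-read the object: its DN is now the live one, and its children reference it.
    $ParentDn = (Get-ADObject -Identity $ObjectGuid).DistinguishedName
    Write-Verbose "Restored $ParentDn"

    $children = Get-ADObject -SearchBase $DeletedObjectsDn -IncludeDeletedObjects `
        -Filter 'lastKnownParent -eq $ParentDn'
    foreach ($child in $children) {
        Restore-DeletedTree -ObjectGuid $child.ObjectGUID -DeletedObjectsDn $DeletedObjectsDn
    }
}

function Restore-DeletedContainer {
    [CmdletBinding(SupportsShouldProcess)]
    param([Parameter(Mandatory)][string]$ContainerRdn,        # e.g. 'Sales'
          [Parameter(Mandatory)][string]$ParentContainerDn)   # e.g. 'DC=example,DC=com'

    $deletedDn = (Get-ADDomain).DeletedObjectsContainer
    # Same match as the adfind filter (name=<ContainerRDN>*); the RDN is used
    # unescaped, so LDAP filter metacharacters in it must be escaped by the caller.
    $found = @(Get-ADObject -SearchBase $deletedDn -IncludeDeletedObjects `
            -LDAPFilter "(&(isDeleted=TRUE)(name=$ContainerRdn*))" -Properties lastKnownParent |
        Where-Object { $_.lastKnownParent -eq $ParentContainerDn })
    # Refuse to guess when the name prefix matches zero or several deleted objects.
    if ($found.Count -ne 1) {
        throw "Expected exactly one deleted container, found $($found.Count)."
    }
    Restore-DeletedTree -ObjectGuid $found[0].ObjectGUID -DeletedObjectsDn $deletedDn
}

# Constructed sample values; preview with -WhatIf before running for real.
# Restore-DeletedContainer -ContainerRdn 'Sales' -ParentContainerDn 'DC=example,DC=com' -WhatIf
```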
MSDN: Restoring Deleted Object [Active Directory]