Undeleting a Container Object






Undeleting a Container Object

Problem

You want to undelete a container object such as an OU that contained other objects when it was deleted.

This Recipe requires Windows Server 2003.


Solution

Using a graphical user interface

Use the steps in Recipe 17.19 to first undelete the container object. Then undelete each individual child object that was contained within the container, specifying the container's DN in the restored object's DN. Alternately, perform a System State restore and use ntdsutil to mark the restored OU as authoritative, as described in Recipe 17.5.

Performing an authoritative restore of user or group objects will require additional considerations, as detailed in MS KB 280079 (Authoritative restore of groups can result in inconsistent membership information across domain controllers).


Using a command line interface
	> adfind -default -rb "cn=Deleted Objects" -f "(name=<ContainerRDN>*)"
	 -showdel -dsq | admod undel
	> adfind -default -rb "cn=Deleted Objects" -f
	 (" 
lastKnownParent=<ParentContainerDN>") showdel dsq | admod -undel

Discussion

When you delete an Active Directory container object, it also deletes any child objects that are housed within that container. Restoring an entire OU, for example, therefore requires you to restore both the container itself as well as all of the child objects contained within it. This is relatively simple to perform from the command line since you can restrict your query to those objects that have the appropriate value listed in the lastKnownParent attribute. However, just as when you reanimate an individual object, each of these child objects will need to have its individual attributes re-established. Therefore, when restoring a container object, your most efficient method will be to perform a System State restore and to use ntdsutil to mark the restored OU as authoritative.

See Also

MSDN:Restoring Deleted Object[Active Directory]



 Python   SQL   Java   php   Perl 
 game development   web development   internet   *nix   graphics   hardware 
 telecommunications   C++ 
 Flash   Active Directory   Windows