September 2003
Intermediate to advanced
624 pages
15h 49m
English
Content preview from Active Directory CookbookBecome an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
16.17. Restoring a Deleted Object
Tip
This recipe must be run against a Windows Server 2003 domain controller.
Problem
You want to restore an object that was previously deleted.
Solution
Using a graphical user interface
Open LDP.
From the menu, select Connection → Connect.
For Server, enter the name of a domain controller (or leave blank to do a serverless bind).
For Port, enter 389.
Click OK.
From the menu, select Connection → Bind.
Enter credentials of a user that can restore the deleted object (only administrators for the domain by default).
Click OK.
From the menu, select Options → Controls.
Select
Return deleted objectsfrom the Load Predefined selection.Click OK.
From the menu, select Browse → Modify.
For Dn, enter the distinguished name of the deleted object you want to restore.
For Attribute, enter
distinguishedName.For Values, enter the original DN of the object.
For Operation, select Replace.
Click Enter.
For Attribute, enter
isDeleted.For Values, remove any text.
For Operation, select Delete.
Click Enter.
Add mandatory attributes as necessary:
For Attribute, enter
<ManadatoryAttribute>.For Values, enter
<MandatoryAttributeValue>.For Operation, select Add.
Check the box beside Extended.
Click Run.
The results will be displayed in the right pane.
Discussion
Windows Server 2003 supports restoring tombstone (deleted) objects, which have not expired. This is an alternative to performing an authoritative restore for an object that was accidentally deleted. The downside to this approach is that since most ...