How to Restore Deleted Active Directory Object using LDP.exe in Windows Server 2008 R2 Domain.

In the previous article we learnt how to enable the Active Directory Recycle Bin and how to restore deleted objects using the shell. To know how to enable the Recycle Bin please click here.

In this second part of the blog post we will walk you through the steps involved in restoring deleted objects using LDP.exe.

Before we begin

The account with which we are going to perform this action should be a member of the Domain Admins group.

Best Practices

It is always recommended to have a proper system state backup. To know how to perform a system state backup on 2008 machines please click here. The Recycle Bin is just an option in Windows Server 2008 R2. Once this feature is enabled, it cannot be reversed under any circumstances, so plan accordingly.

Scenario

We will be deleting the same account, named “Sunder”, for testing purposes.

Open command prompt in elevated mode as follows.

Go to Start > Right click Command Prompt > Select Run as Administrator as shown below.

Figure 1.1 : Open Command Prompt in elevated mode.

Figure 1.2 : Type ldp.exe and then press Enter.

Figure 2.1 : Click on Connect

Figure 2.2 : Type the name of the server to which you want to connect. In our scenario it's DC1.

Click on OK.

Figure 3.1 : Click on Bind

Figure 3.2 : Bind as currently logged on user (Default). Click OK.

Figure 4.1 : Select Options in the menu bar and then select Controls.

Figure 4.2 : Option to select.

In figure 4.2 please select “Return deleted objects” in the drop down menu as shown above.

Figure 5.1 : Select Tree

Go to View, select “Tree”, and choose the option listed below.

Figure 5.2 : In BaseDN Select Domain Partition.

Figure 6.1 : Click Modify

In Figure 6.1 navigate to the Deleted Objects container and locate the object which was deleted. Right click it and then select Modify.

Figure 6.2 : Modify the selected object.

In figure 6.2 type “isDeleted” as the attribute, select Delete under Operation, and then press Enter as shown above.

Figure 6.3 : Changing the DN.

In figure 6.3 type distinguishedName as the attribute and in Values type the original DN of the object. In our case it is “CN=Sunder,OU=All Company Users,DC=MSEXCHANGETEAM,DC=IN”. Be sure to select the Extended check box.

Under Operation select Replace and press Enter again. Finally, click Run.

Object restored successfully.

Figure 7.1 : Object restored Successfully.

It is always important to make a note of the location from which the object was deleted. This will help in working out the original DN of the object.
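
The LDP.exe steps above amount to one LDAP modify sent with the “Return deleted objects” control attached. As an added example (not from the original article), here is the same operation in PowerShell using System.DirectoryServices.Protocols; the function name is hypothetical, and the server name, object name and DNs are the ones from the article's scenario.

```powershell
# Added example, not from the original article. Run as a Domain Admins member.
Add-Type -AssemblyName System.DirectoryServices.Protocols

function Restore-DeletedObjectViaLdap {   # hypothetical helper name
    param([string]$Server, [string]$DomainDN, [string]$Name, [string]$OriginalDN)
    $ns = 'System.DirectoryServices.Protocols'

    # Connect and bind as the currently logged-on user (Figures 2.x and 3.x).
    $conn = New-Object "$ns.LdapConnection" $Server
    $conn.AuthType = [System.DirectoryServices.Protocols.AuthType]::Negotiate
    $conn.Bind()

    # "Return deleted objects" control (Figure 4.2), OID 1.2.840.113556.1.4.417.
    $showDeleted = New-Object "$ns.ShowDeletedControl"

    # Locate the object in the Deleted Objects container (Figure 6.1).
    # Assumption: $Name contains no LDAP filter metacharacters ( ) * \
    $search = New-Object "$ns.SearchRequest"
    $search.DistinguishedName = "CN=Deleted Objects,$DomainDN"
    $search.Filter = "(&(isDeleted=TRUE)(msDS-LastKnownRDN=$Name))"
    $search.Scope = [System.DirectoryServices.Protocols.SearchScope]::OneLevel
    [void]$search.Controls.Add($showDeleted)
    $found = $conn.SendRequest($search)
    if ($found.Entries.Count -ne 1) {
        throw "Expected one deleted object named '$Name', found $($found.Entries.Count)."
    }
    $deletedDN = $found.Entries[0].DistinguishedName

    # One modify carrying both changes (Figures 6.2 and 6.3).
    $delFlag = New-Object "$ns.DirectoryAttributeModification"
    $delFlag.Name = 'isDeleted'
    $delFlag.Operation = [System.DirectoryServices.Protocols.DirectoryAttributeOperation]::Delete

    $newDN = New-Object "$ns.DirectoryAttributeModification"
    $newDN.Name = 'distinguishedName'
    $newDN.Operation = [System.DirectoryServices.Protocols.DirectoryAttributeOperation]::Replace
    [void]$newDN.Add($OriginalDN)

    $modify = New-Object "$ns.ModifyRequest"
    $modify.DistinguishedName = $deletedDN
    [void]$modify.Modifications.Add($delFlag)
    [void]$modify.Modifications.Add($newDN)
    [void]$modify.Controls.Add($showDeleted)   # sent with the control, as with LDP's Extended check box

    $result = $conn.SendRequest($modify)       # throws DirectoryOperationException on failure
    $conn.Dispose()
    $result.ResultCode                         # Success when the object is restored
}

Restore-DeletedObjectViaLdap -Server 'DC1' -DomainDN 'DC=MSEXCHANGETEAM,DC=IN' -Name 'Sunder' -OriginalDN 'CN=Sunder,OU=All Company Users,DC=MSEXCHANGETEAM,DC=IN'
```

The function refuses to proceed unless exactly one deleted object matches the name, which avoids restoring the wrong object when several with the same name have been deleted.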

Conclusion: Using PowerShell it is pretty straightforward. However, we have two easy options to recover objects which were deleted accidentally. The choice is yours.

Happy Learning

Sunder

MSEXCHANGETEAM.IN | Ideas That Clicks

13 Responses to How to Restore Deleted Active Directory Object using LDP.exe in Windows Server 2008 R2 Domain.

  1. Amit says:

    Nice article. Keep going

  2. Sunder says:

    Thanks Amit. My pleasure

  3. Baalaji.V.V.A says:

    hi Sundar

    it is very useful for us and also everyone

  4. Nelson says:

    This article is spoon feeding and very handy for understanding restoring the deleted active directory object

  5. Sathish says:

    Excellent one
    This article helped my friend in real time scenario 🙂

  6. Sunder says:

    Thank You Sathish

  7. Fedrik says:

    Try this tool... it's having some advanced options to restore the deleted objects. http://www.adsysnet.com/downloads/ASNActiveDirectoryManagerV10.msi

  8. lenka says:

    Super method. This is a very beautiful way

  9. Mahesh says:

    Try this latest tool... it's having some advanced options to restore the deleted objects. http://www.adsysnet.com/downloads/ASNActiveDirectoryManagerV30.msi

  10. Ali Imam says:

    Hello,
    I am trying to restore a deleted object but it is not restoring.
    I am using Windows Server 2008 R2 but I haven’t enabled AD Recycle Bin. Is it necessary to enable AD Recycle Bin? Can we restore a deleted object without enabling AD Recycle Bin?

  11. Sunder says:

    Hi Ali,

    For Recycle Bin, you have to enable it well in advance. Please note that once it is enabled you cannot revert it back.

    In case your object was deleted recently and you want to restore it without restoring a backup, then please read the blog for help.
    http://msexchangeteam.in/how-to-restore-deleted-active-directory-objects-in-windows-server-2003-2008-and-2008-r2-domains/

  12. Umer says:

    Thank You !