Announcement

Collapse
No announcement yet.

Authoritative Restore Issue, Single Object

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Authoritative Restore Issue, Single Object

    Hi All,

    Hoping someone can confirm my steps or provide a possible reason to my issue. I am currently attempting to do an authoritative restore on a single AD object (a deleted user account) and seem to be running into some issues. Below are the steps I am taking:

    1. Boot the DC into AD DRM
    2. Launch NTBackup and restore last system state backup
    3. Exit NTBackup without rebooting the server
    4. Launch a DOS prompt from the start menu
    5. Issue the following command: ntdsutil "authoritative restore" "restore object cn=User,ou=Users,dc=company,dc=local" q q
    6. The command completes stating it was successful
    7. Reboot the server as normal
    8. Launch ADUC only to find that the user account is not there

    Am I possible missing a step? Any help would be greatly appreciated.

    -Jason
    MCSA/MCSE 2K3,MCITP:ESA,MCTS x 4,VCP x 2

  • #2
    Re: Authoritative Restore Issue, Single Object

    If you just need to "undelete" a single account, have you considered just using LDP to manually undelete it?

    I just had to do this a few weeks ago and it really worked very slick for me.

    http://www.petri.com/manually-undele...rectory-ad.htm

    Comment


    • #3
      Re: Authoritative Restore Issue, Single Object

      Wow, that's alot of work for one user account. Unless you're doing this for the experience I would recommend that you download and use adrestore:

      http://technet.microsoft.com/en-us/s.../bb963906.aspx

      Comment


      • #4
        Re: Authoritative Restore Issue, Single Object

        Originally posted by joeqwerty View Post
        Wow, that's alot of work for one user account. Unless you're doing this for the experience I would recommend that you download and use adrestore:

        http://technet.microsoft.com/en-us/s.../bb963906.aspx
        Thx joeqwerty. I was going through the steps just to refresh myself on the process, and then when it didn't work I was little stumped.

        Thx for the link for the adrestore tool, hadn't seen that one before.

        -Jason
        MCSA/MCSE 2K3,MCITP:ESA,MCTS x 4,VCP x 2

        Comment


        • #5
          Re: Authoritative Restore Issue, Single Object

          Glad to help.

          Comment


          • #6
            Re: Authoritative Restore Issue, Single Object

            Not to contradict, because that is a great tool, but I wanted to add more depth to this issue. I recently had a need to recover a deleted OU, and while it was small enough to have used the tool we choose to use the "recover subtree" because the authoritative restore recovers group membership as well as lost email account attributes.

            The ADRecovery tool is very nice for simplicity and when a limited number of objects are at stake. The recover subtree is recursive in nature, and that is very handy when multiple objects need to be recovered.

            Comment

            Working...
            X