How to find deleted objects in Active Directory?

Problem 

If you do not have the AD Recycle Bin enabled, it is impossible to find out what objects were deleted. You can only find the deleted objects when their absence causes operational issues.

This post will explain how you can ascertain the deleted objects when you do not have the native Recycle Bin enabled.

Solution 

Using RecoveryManager Plus, you can find the deleted items if you perform the following steps before the tombstone lifetime period elapses.

Step 1: Download RecoveryManager Plus and add your domain. 
  1. Download and install RecoveryManager Plus.

  2. Log in to RecoveryManager Plus as an administrator.

  3. RecoveryManager Plus will automatically identify your AD domains.

  4. The identified domains will appear under account configuration.

  5. Update the Username and Password of the domain administrator or enterprise administrator.

  6. Once updated, navigate to the Active Directory tab > Settings > Backup Settings.

  7. Select All OUs from the Select OUs to backup field.

  8. Select All object types in the Objects to Backup field.

  9. Click Save & Run the backup.

 Step 2: Find the deleted objects 

Once the backup is complete, perform the following steps to identify the deleted objects.

  • Navigate to the Active Directory tab > Active Directory > Recycle Bin.

  • Select the domain in which you’d like to find the deleted objects from the Domain drop-down box.

  • The list of all objects that have been deleted will be displayed.

Note: If your tombstone lifetime is 60 days, only objects that were deleted within the 60 days before RecoveryManager Plus backed up your AD environment will be displayed.

  • To restore the objects, mark the check-box next to the objects and click Restore.

 

Note: Since RecoveryManager Plus was not installed when you deleted the objects, not all attributes of the objects will be restored. Only a few default attributes will be restored. If you do not restore the object within the tombstone lifetime period, you’ll not be able to restore the objects even using RecoveryManager Plus.
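Both notes above depend on the forest's tombstone lifetime, so it helps to confirm that value and the Recycle Bin state before running the first backup. The following PowerShell is an added example, not part of the original article or of RecoveryManager Plus; it assumes the ActiveDirectory module (RSAT) is installed, and the function name `Get-TombstoneWindow` is hypothetical.

```powershell
# Added example: pre-check for the tombstone window described in the notes above.
# Assumes the ActiveDirectory module (RSAT) and read access to the configuration partition.
Import-Module ActiveDirectory

function Get-TombstoneWindow {
    param(
        # Time the backup is (or was) taken; defaults to now.
        [datetime]$BackupTime = (Get-Date)
    )

    $configNC = (Get-ADRootDSE).configurationNamingContext

    # tombstoneLifetime (in days) is stored on the Directory Service object
    # in the configuration partition.
    $dsObject = Get-ADObject `
        -Identity "CN=Directory Service,CN=Windows NT,CN=Services,$configNC" `
        -Properties tombstoneLifetime

    # If the attribute is not set, the built-in default of 60 days applies.
    $days = if ($null -ne $dsObject.tombstoneLifetime) {
        [int]$dsObject.tombstoneLifetime
    } else {
        60
    }

    # The Recycle Bin counts as enabled when the optional feature has
    # at least one enabled scope.
    $feature = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin Feature"'
    $recycleBinEnabled = [bool]($feature -and $feature.EnabledScopes.Count -gt 0)

    [pscustomobject]@{
        RecycleBinEnabled     = $recycleBinEnabled
        TombstoneLifetimeDays = $days
        BackupTime            = $BackupTime
        # Deletions older than this are past the tombstone lifetime
        # relative to the backup time.
        OldestVisibleDeletion = $BackupTime.AddDays(-$days)
    }
}

Get-TombstoneWindow | Format-List
```

`OldestVisibleDeletion` is the earliest deletion date that still falls inside the tombstone lifetime relative to the backup time, which is the window the notes above describe.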

 

