Recovering deleted objects that have exceeded the tombstone lifetime

Problem 

When an Active Directory object is deleted and remains in the deleted state for longer than the tombstone lifetime, it can no longer be restored using native methods.

This post will explain how you can restore objects whose tombstone lifetime has elapsed.
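To see how close existing tombstones are to that limit, the following PowerShell sketch reads the forest's tombstone lifetime and lists deleted objects with the approximate days left before they are purged. It is an added example, not part of RecoveryManager Plus or the original article; it assumes the ActiveDirectory (RSAT) module, that the native AD Recycle Bin is not enabled, and that whenChanged approximates the deletion time. The `$warnDays` threshold is a hypothetical value.

```powershell
# Added example: report tombstones and the time left before garbage collection.
# Assumptions: ActiveDirectory module available, native AD Recycle Bin not enabled.
Import-Module ActiveDirectory

$rootDse = Get-ADRootDSE
$dsDn    = "CN=Directory Service,CN=Windows NT,CN=Services,$($rootDse.configurationNamingContext)"

# tombstoneLifetime is stored in days; when the attribute is not set, AD uses 60 days.
$tsl = (Get-ADObject -Identity $dsDn -Properties tombstoneLifetime).tombstoneLifetime
if (-not $tsl) { $tsl = 60 }

$warnDays = 14          # hypothetical alert threshold, adjust to your process
$now      = Get-Date

$report = Get-ADObject -Filter 'isDeleted -eq $true -and name -ne "Deleted Objects"' `
        -IncludeDeletedObjects -Properties whenChanged, lastKnownParent |
    ForEach-Object {
        # whenChanged on a tombstone approximates the deletion time.
        $expires = $_.whenChanged.AddDays($tsl)
        [pscustomobject]@{
            # Tombstone names carry a newline followed by "DEL:<guid>"; keep the first part.
            Name            = ($_.Name -split "`n")[0]
            ObjectClass     = $_.ObjectClass
            LastKnownParent = $_.lastKnownParent
            Deleted         = $_.whenChanged
            Expires         = $expires
            DaysLeft        = [math]::Floor(($expires - $now).TotalDays)
        }
    } | Sort-Object DaysLeft

"Tombstone lifetime: $tsl days"
$report | Format-Table -AutoSize

# Objects at or under the threshold will soon be out of reach of native restore.
$atRisk = @($report | Where-Object { $_.DaysLeft -le $warnDays })
if ($atRisk.Count -gt 0) {
    Write-Warning "$($atRisk.Count) deleted object(s) expire within $warnDays days."
}
```

Objects that have already passed the tombstone lifetime and been garbage-collected do not appear in this listing at all, which is the case the rest of this article addresses.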

Solution 

Using RecoveryManager Plus, you can restore these objects easily. RecoveryManager Plus comes with an in-built Recycle Bin. Unlike the native Recycle Bin of AD, this does not have to be manually enabled. Also, you do not have to enable the native Recycle Bin for RecoveryManager Plus's Recycle Bin to work.

  • Log in to RecoveryManager Plus with an administrator's credentials.

  • Navigate to the Active Directory tab → Active Directory Recycle Bin.

  • Select the domain that contains the object to be restored in the Domain drop-down box.

  • You can use RecoveryManager Plus to recycle the deleted object to the same location or to a new location.

    • To recycle the object to its previous location, select the Recycle radio button at the top of the screen.

    • To recycle the object to a new location, select the Recycle to radio button at the top of the screen. In the pop-up that appears, select the location to which you want to recycle the object and click Save.

  • Click the icon to narrow the search for the object to be restored.

    • Type the name of the deleted object in the Object Name field. If you are not sure of the name, use filters such as Contains, Starts With, Ends With, and Equals.

    • Click the icon in the OUs field to select the OU.

    • Specify the approximate time period within which the object was deleted in the Backup Date field and click Apply.

    • In the Object Type field, select the type that fits from the drop-down box and hit Search.

  • Mark the check box against the objects that you would like to recycle.

  • Click Restore.

Your deleted object will now be restored with all of its attributes intact.

 

Note: When you restore a deleted object that has been removed from the deleted object container, the object will be recreated with a new GUID and SID. If you wish to retain a user's last set password in Active Directory, mark the check box against Preserve Object Password in recovery settings.

