Daniel Ramawidjaja Blog

June 22, 2009

Restore Deleted Objects from Active Directory Database Using Tombstone Reanimation (AdRestore.exe and ADRestore.NET)

By using AdRestore.exe or ADRestore.NET, you can implement tombstone reanimation method to restore deleted objects from Active Directory database easily. So it basically do the same as using LDP in my previous post, Restore Deleted Objects in Active Directory Database Using Tombstone Reanimation (LDP.EXE)

I wrote the previous post to make deep understanding of the tombstone reanimation concept.

AdRestore.exe
Formerly Sysinternals and now Microsoft, Mark Russinovich has created a command-line freeware application called ADRestore. The tool enumerates all of the currently tombstoned objects in a domain and allows you to restore them selectively, and provides a convenient command-line interface for using the Active Directory reanimation functionality.

You can download this tool from here:
http://technet.microsoft.com/en-us/sysinternals/bb963906.aspx

ADrestore.exe

 

ADRestore.NET
Restoring objects with ADRestore.net
Guy Teverovsky has written a GUI version that allows you to easily restore deleted AD objects.
I found this tool will help you a lot when you need to restore more than one deleted objects, for example, an OU contains some objects.

You can download the ADRestore.NET here:
http://blogs.microsoft.co.il/files/folders/guyt/entry40811.aspx

Here the demo steps:
I deleted an OU named Accounting contained some objects including users and groups.
Delete an OU

Enumerating Tombstones
ADRestore.NET

First restore the OU.
ADRestore.NET

Then restore the other objects one by one.
ADRestore.NET

Until the last object
ADRestore.NET

Then view the result
ADRestore.NET - The Result

You can see from the steps above that using ADRestore.NET will be a lot of easier to restore more than one objects.

About these ads

7 Comments »

  1. how to open adrestore.exe, i dont know how to open it can any one help me in this

    Comment by kumar — November 4, 2010 @ 6:23 am | Reply

    • download adrestore.exe from here
      http://technet.microsoft.com/en-us/sysinternals/bb963906

      it’s a simple command-line utility, so should in in command prompt..
      sorry for not check my blog so long..

      Comment by Daniel Ramawidjaja — September 23, 2011 @ 11:07 pm | Reply

      • Hi Daniel, I’ve searched your blogs and still haven’t found something to help. I have a group policy object that I deleted (in ad users & computers->domain controllers OU-> right click to properties -> click on group policy tab -> click on a company domain policy and I accidentally deleted it.

        I have the GUID for it and it has been tombstoned. I used your blog on how to use LDP.exe to restore Active Directory objects, but I got an error back after running replace= Server error: 00000057: LDAPErr: DSID-0c090A85 – error in attribute conversion operation.

        Do you know a way for me to get our company domain policy (group policy) back from a tombstone?

        This group policy had all our settings in it for users/programs and services and I REALLY need to get it back.

        Any help you can offer would be great!

        Comment by Natalie — August 15, 2012 @ 4:27 pm

      • please also read the following reference, find keyword tombstone.
        http://msdn.microsoft.com/en-us/library/windows/desktop/ms677923%28v=vs.85%29.aspx
        http://technet.microsoft.com/en-us/library/cc961934.aspx
        You can restore only if tombstone lifetime have not passed.

        Comment by Daniel Ramawidjaja — August 15, 2012 @ 4:59 pm

      • Thank you Dan. Guess I will have to do a authoritative restore of system state then and hope to get that group policy object back. I tried using adrestore.net and it restored the objects but I cannot use them as they say access denied when I tried to load them into the GP editor. Says I don’t have permissions to open the object.

        Thanks for the link to the restore!
        Natalie

        Comment by Natalie — August 15, 2012 @ 5:19 pm

  2. [...] Here the demo steps: I deleted an OU named Accounting contained some objects including users and groups. Enumerating Tombstones First restore the OU. Then restore the other objects one by one. Until the last object Then view the result You can see from the steps above that using ADRestore.NET will be a lot of easier to restore more than one objects: https://dani3lr.wordpress.com/2009/06/22/tombsone-reanimation-using-adrestore-exe-and-adrestore-net/ [...]

    Pingback by Restore deleted objects from Active Directory using adrestore and adrestore.net « Jacques DALBERA's IT world — September 23, 2011 @ 12:25 pm | Reply

  3. Very Good Supported & useful information for every IT person.

    Comment by Sameer — October 31, 2011 @ 3:57 pm | Reply


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Rubric Theme. Create a free website or blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

%d bloggers like this: