Posted On June 27, 2019

PowerShell: Recover Deleted Active Directory Objects

kimconnect 0 comments
blog.KimConnect.com >> Codes >> PowerShell: Recover Deleted Active Directory Objects
June 27, 2019June 27, 2019 kimconnectkimconnect 0 Comments 
$domain="kimconnect"
$ltd="com"
$dc="dc01"
$userToRecover="Tom Cruise"

# Enable Active Directory Recycle Bin
# Enable-ADOptionalFeature 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target "$domain.$ltd" -Confirm:$False
Enable-ADOptionalFeature "Recycle Bin Feature" -server ((Get-ADForest -Current LocalComputer).DomainNamingMaster) -Scope ForestOrConfigurationSet -Target (Get-ADForest -Current LocalComputer) -Confirm:$False

# Find deleted objects
Get-ADObject -filter 'isdeleted -eq $true -and name -ne "Deleted Objects"' -includeDeletedObjects -property *
Get-ADObject -ldapFilter:"(msDS-LastKnownRDN=*)" –IncludeDeletedObjects

# Restore user
Get-ADObject -Filter {displayName -like $userToRecover} -IncludeDeletedObjects | Restore-ADObject

# Restore using ntdsutil
$dnPath="CN=Steve Ardis,ou=Users,dc=dc,dc=local"
ntdsutil "authoritative restore" "restore object $dnPath" q q

# Restore using PowerShell
Get-ADObject -Filter 'samaccountname -eq $userToRecover' -IncludeDeletedObjects | Restore-ADObject
Categories:

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Post Image

Read More

PowerShell: Chicken Scratch Ports Scanner

Although there are optimized applications to perform this task such as Angry Port Scanner, NMAP,…
Post Image

Read More

GPO Logon Banner

Update: this information is outdated. Use this link for the current method of creating Logon…
Post Image

Read More

PowerShell: Convert Local Path to UNC Path

function convertLocalToUnc($localPath,$computername){ $uncPath=.{$x=$localPath -replace "^([a-zA-Z])\:","\\$computername\`$1`$"; if($x -match '\\$'){return $x.Substring(0,$x.length-1)}else{return $x} } $validLocal=if($localPath){test-path $localPath -ErrorAction SilentlyContinue}else{$false}…