?
Solved

How do I restore a deleted user account in Active Directory?

Posted on 2006-06-06
7
Medium Priority
?
190 Views
Last Modified: 2010-04-13
I am trying to figure out how I can restore a user account in Active Directory that has been deleted. I have both the system state as well as the winnt folder backed up. I have tried doing and authoritative restore as described in some other posts as well as Microsoft's website, but nothing I do seems to work. The server says the restore as completed successfully, but when I go to look in Active Directory Users and Computers, the user account simply does not appear under Users. This is still the case even after I reboot the server. Any advice one can give would be greatly appreciated.

Tbone
0
Comment
Question by:Rob Sanders
  • 4
  • 3
7 Comments
 
LVL 13

Expert Comment

by:Kini pradeep
ID: 16844642
http://support.microsoft.com/?kbid=840001
the issue you are experiencing is due to USN rollback.
what you can do is disconnect the network cable when you try the same steps again the objects would be there and when you get the DC online it would vanish, if this occurs then you can disable the inbound replication and authoritatively restore the object twice, run ntdsutil twice ( no neeed to restore twice from backup) and the follow this article, let me know if i could be of further assistance.

Thanks.
0
 
LVL 1

Author Comment

by:Rob Sanders
ID: 16851732
So I need to disable the inbound replication even though I only have one Domain Controller?

Tbone
0
 
LVL 13

Expert Comment

by:Kini pradeep
ID: 16851994
oh great if you have just one Dc then there is no problem at all, what is the service pack level on the server.
i guess there is a hotfix to detect the USN rollback its after sp4.
 885875 hotfix installed
0
How to Use the Help Bell

Need to boost the visibility of your question for solutions? Use the Experts Exchange Help Bell to confirm priority levels and contact subject-matter experts for question attention.  Check out this how-to article for more information.

 
LVL 13

Accepted Solution

by:
Kini pradeep earned 1000 total points
ID: 16852421
if there is a single DC in the domain then the authoritative restore is not needed, you can restore the backup which has the object you want to restore.
auth restore can be used when say you have 2 dc's and an object was deleted from one DC and replicated across to the other, now AD might have other objects created so if you just restore from a backup it would be overwritten by the other Dc as the USN of that DC is higher then the that on the backup, so doing an auth restore of that subtree helps. in a single DC the entire AD would be taken from that of the backup.
0
 
LVL 1

Author Comment

by:Rob Sanders
ID: 16853735
I tried just simply restoring the system state from a backup and it did not restore the deleted account. I will attempt to obtain that hotfix from Microsoft support, as Microsoft does not make that hotfix available without contacting support for some reason.

Tbone
0
 
LVL 1

Author Comment

by:Rob Sanders
ID: 16853770
Oh, also. I have downloaded every available update from the Microsoft update website. It actually says that the hotfix was included in an update on June 28th, 2005. So I assume I already have it installed.

Trevor
0
 
LVL 1

Author Comment

by:Rob Sanders
ID: 16854211
I think I got it working now. I tried just restoring the system state after having backup both the winnt and system state folders. That did the trick. As you suggested no authoritative restore was needed.

Tbone
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
Loops Section Overview
Screencast - Getting to Know the Pipeline
Suggested Courses

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question