[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 184
  • Last Modified:

Searching for old accounts

Is there something more I need to do besides a simple "find" of older users in ADUC?  Trying to find a user that is no longer witht the company and had not logged in since August of 2007.  Isn't this simply a disabled user that should appear on my "find?"  

ADUC
right click on the domain
find
type in the user account.....

0
ncvadf
Asked:
ncvadf
  • 3
  • 2
1 Solution
 
drchristopheCommented:
Hi,

You are correct. All users disabled or not should show in your search results.

I think this user has been deleted. Well when I say deleted I mean tombstoned...When Active Directory deletes an object from the directory, it does not physically remove the object from the database. Instead, Active Directory marks the object as deleted by setting the object's isDeleted attribute to TRUE. By default if you installed your Forest with 2003 sp1 from new you will have 180 days of tombstoned data left. That will take is just about to August.

We can see this user by using a tool called LDP.exe in the 2003 resource kit. If you would like to do this I will assist you......bear in mind it's not that easy. ;)
0
 
ncvadfAuthor Commented:
Thanks.  I might need this information.  Should I accept and close the solution, or wait for the step-by-step process?
0
 
drchristopheCommented:
Hi,

Here is a step by step guide from Technet for reanimating deleted AD objects.

http://www.microsoft.com/technet/technetmag/issues/2007/09/Tombstones/default.aspx

You may want to use a tool called "ADRESTORE" makes things a liitle bit easier. All listed in the article.

Good Luck!
0
 
drchristopheCommented:
You can accept the soultion now if you are are happy with my comments??
0
 
ncvadfAuthor Commented:
I finally got around to utilizing this soluiton.  It seems to be a good step-by-step process.  The problem I am running into is that all of my deleted users in the deleted container that I am looking at do not have a name associated with them in the ldap results.  Also, there is know last known parent listed either.  Did I miss something or do something wrong?  How is this possible?
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now