• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 236
  • Last Modified:

Active Directory username dissapearance

I was not able to see one username in the AD.  I performed an AD replication and after that I lost 2 users in my AD.  I cannot find these users anywhere in the AD.  Replication was performed from same site, same domain, the only difference is the DC receiving the update is in different city.  I am running Windows 2003 Server in all 3 DC's.  Is there any way to recover these accounts?  I do not want to recreate them.
1 Solution
are these users still able to log in?
Malli BoppeCommented:
can you check the users in LostAndFound folder in the AD.
virtechAuthor Commented:
They are not in the lost and found and gthey cannot login.
make sure you check on each DC - if something went wrong with replication they may be on one DC and not the others.

If they cannot log in, it sounds like the user account has been wiped out..  and I don't think you can restore individual accounts from backup in AD.
> "and I don't think you can restore individual accounts from backup in AD."

Assuming you have a valid System State backup in place, this is 100% false. Simply reboot one of your DCs into Directory Services Restore Mode, perform a System Syste restore, and then mark the 2 objects as authoritative using ntdsutil before rebooting normally.

If you don't have a valid System State backup, then these accounts cannot be easily restored - you can re-animate the tombstone objects, but all group memberships will need to be manually re-entered.

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now