Active Directory Users/Computers Mssing

Posted on 2011-10-23
Last Modified: 2012-05-12
We have been having a lot of issues with users and computer accounts just disappearing from Active Directory. My client had a Terminal Server that they didn't realize was a domain controller as well so I performed a dcpromo on that server to demote it. My client only has 1 domain controller at this point. Is there anyway that I can permenantly delete old users and computer from AD? Also I have run dcdiag and netdiag and all is well there. I don't know when the users get deleted but they show up in ADRestore but when I try to restore them I get an error that it won't enable them.
Question by:clctechs
    LVL 39

    Accepted Solution

    Please try to follow an article on that blog to clean up lingering objects within a forest at

    LVL 57

    Expert Comment

    by:Mike Kline
    You will want to enable auditing to see why objects are being deleted (and who is deleting them).  That should not be happening

    Some programs that are nice to get rid of old objects

    oldcmp by Joe Richards (also works for users)

    ADTidy (GUI tool)

    Both tools are free


    LVL 7

    Expert Comment


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    As network administrators; we know how hard it is to track user’s login/logout using security event log (BTW it is harder now in windows 2008 because user name is always “N/A” in the grid), and most of us either get 3rd party tools, or just make our…
    Companies that have implemented Microsoft’s Active Directory need to ensure that the Active Directory is configured and operating properly. If there are issues found and not resolved, it eventually leads the components to fail or stop working and fi…
    This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    10 Experts available now in Live!

    Get 1:1 Help Now