Restore Active Diectory Users

Hello Experts,

Unfortunately I removed some mailboxes to allow the deletion of an Exchange 2013 database using the "remove-mailbox name" command. I didn’t appreciate that this would also remove the AD users account as well!! I have since been trying to recover the user accounts and I'm running out of ideas. Firstly the AD recycle bin wasn’t enabled, I have tried LDP.exe and ADrestore.net but no luck as the deleted items container is empty. I created and deleted a test account and it did populate the deleted container in ldp.exe so it’s working. I have tried looking up this issue but everything seems to be geared to recovering the mailbox not the AD user account.

Any ideas please on how to recover the user account, not the mailbox?
markfureyAsked:
Who is Participating?
 
markfureyAuthor Commented:
Couldn't restore the user accounts and no backups as Server was at an interim stage so I rebuilt a new domain/controller and migrated user profiles.
0
 
valmaticCommented:
Sounds like aside from having some sort of tape backup of AD, which you don't you tried most the ways i have ever seen. Good luck!
0
 
markfureyAuthor Commented:
Yep, I just don’t understand why the objects aren’t present when deleted from Exchange using the remove-mailbox command; does it delete the objects differently?
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

 
valmaticCommented:
Disable mailbox in exchange removes the exchange attributes from the user and marks the box for deletion in exchange. Remove mailbox gets rid of the user and the mailbox, they changed this wording back in ex 2007 i believe.
0
 
Seth SimmonsSr. Systems AdministratorCommented:
I didn’t appreciate that this would also remove the AD users account as well!!

it is documented that that is the expected result

Use the Remove-Mailbox cmdlet to delete mailboxes and the associated user accounts.

Remove-Mailbox
http://technet.microsoft.com/en-us/library/aa995948(v=exchg.150).aspx

going forward, use disable-mailbox to only remove the mailbox

Disable-Mailbox
http://technet.microsoft.com/en-us/library/aa997210(v=exchg.150).aspx
0
 
markfureyAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for markfurey's comment #a40472569

for the following reason:

No one provided an answer started new AD domain from scratch.
0
 
valmaticCommented:
No points, we provided you insight as to why you could not get these objects back. Just because you screwed up and there was no way to recover the object does not mean no one should get points for their effort.
0
 
Rob JurdEE Community AdvisorCommented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for markfurey's comment #a40472569

for the following reason:

As initially stated by the author
0
 
valmaticCommented:
Umm, there is no way to resolve the issue since he did not make a backup..... He wanted to know why his boxes were gone and we explained he did not know the difference between remove and disable the boxes. Our effort is worth points.
0
 
valmaticCommented:
eenookami - hahaha is somebody frustrated!
0
 
markfureyAuthor Commented:
IIts all done and dusted now and I have rebuilt a new AD domain, what I couldn’t understand was why I couldn’t recover AD objects, namely the user accounts in the normal way and wondered if removing user accounts by running the "remove-mailbox" command somehow permanently deleted the user objects.

Hopefully this will put an end to it, obviously some people have too much time on their hands!
0
 
valmaticCommented:
The problem is that some people who have extra time come here to help out and you get these certain people who act like points are money out of their own pocket and instead of saying thanks you kick them in the.. and say no one deserves anything for their input.
If people did not have too much time on their hand EE would not exist right! Most people here make a point to try and answer questions as a way to give back for the help they get on theirs. But you are obviously a poc know it all.
0
 
markfureyAuthor Commented:
Have as many points as you want, I don't give a ****! I realise that I "screwed up" as you put it, and as soon as the command was run and the realisation that it also removed AD accounts was evident I then looked-up the commands for confirmation, I didn't need further confirmation. My issue was why I couldn't then restore the AD objects which as of yet no one has been able to answer. I'm sure this won't be the end of this dialogue and a sharp reply will be quickly returned, if nothing else it will go someway to show my previous observation regarding "time" is a least in someway correct.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.