Solved

Restore Active Diectory Users

Posted on 2014-11-25
15
82 Views
Last Modified: 2014-12-04
Hello Experts,

Unfortunately I removed some mailboxes to allow the deletion of an Exchange 2013 database using the "remove-mailbox name" command. I didn’t appreciate that this would also remove the AD users account as well!! I have since been trying to recover the user accounts and I'm running out of ideas. Firstly the AD recycle bin wasn’t enabled, I have tried LDP.exe and ADrestore.net but no luck as the deleted items container is empty. I created and deleted a test account and it did populate the deleted container in ldp.exe so it’s working. I have tried looking up this issue but everything seems to be geared to recovering the mailbox not the AD user account.

Any ideas please on how to recover the user account, not the mailbox?
0
Comment
Question by:markfurey
15 Comments
 
LVL 7

Expert Comment

by:valmatic
ID: 40465039
Sounds like aside from having some sort of tape backup of AD, which you don't you tried most the ways i have ever seen. Good luck!
0
 

Author Comment

by:markfurey
ID: 40465052
Yep, I just don’t understand why the objects aren’t present when deleted from Exchange using the remove-mailbox command; does it delete the objects differently?
0
 
LVL 7

Expert Comment

by:valmatic
ID: 40465087
Disable mailbox in exchange removes the exchange attributes from the user and marks the box for deletion in exchange. Remove mailbox gets rid of the user and the mailbox, they changed this wording back in ex 2007 i believe.
0
MS Dynamics Made Instantly Simpler

Make Your Microsoft Dynamics Investment Count  & Drastically Decrease Training Time by Providing Intuitive Step-By-Step WalkThru Tutorials.

 
LVL 35

Expert Comment

by:Seth Simmons
ID: 40465095
I didn’t appreciate that this would also remove the AD users account as well!!

it is documented that that is the expected result

Use the Remove-Mailbox cmdlet to delete mailboxes and the associated user accounts.

Remove-Mailbox
http://technet.microsoft.com/en-us/library/aa995948(v=exchg.150).aspx

going forward, use disable-mailbox to only remove the mailbox

Disable-Mailbox
http://technet.microsoft.com/en-us/library/aa997210(v=exchg.150).aspx
0
 

Accepted Solution

by:
markfurey earned 0 total points
ID: 40472569
Couldn't restore the user accounts and no backups as Server was at an interim stage so I rebuilt a new domain/controller and migrated user profiles.
0
 

Author Comment

by:markfurey
ID: 40473642
I've requested that this question be closed as follows:

Accepted answer: 0 points for markfurey's comment #a40472569

for the following reason:

No one provided an answer started new AD domain from scratch.
0
 
LVL 7

Expert Comment

by:valmatic
ID: 40473643
No points, we provided you insight as to why you could not get these objects back. Just because you screwed up and there was no way to recover the object does not mean no one should get points for their effort.
0
 
LVL 2

Expert Comment

by:Rob Jurd (eenookami)
ID: 40474514
I've requested that this question be closed as follows:

Accepted answer: 0 points for markfurey's comment #a40472569

for the following reason:

As initially stated by the author
0
 
LVL 7

Expert Comment

by:valmatic
ID: 40474515
Umm, there is no way to resolve the issue since he did not make a backup..... He wanted to know why his boxes were gone and we explained he did not know the difference between remove and disable the boxes. Our effort is worth points.
0
 
LVL 7

Expert Comment

by:valmatic
ID: 40476170
eenookami - hahaha is somebody frustrated!
0
 

Author Comment

by:markfurey
ID: 40478072
IIts all done and dusted now and I have rebuilt a new AD domain, what I couldn’t understand was why I couldn’t recover AD objects, namely the user accounts in the normal way and wondered if removing user accounts by running the "remove-mailbox" command somehow permanently deleted the user objects.

Hopefully this will put an end to it, obviously some people have too much time on their hands!
0
 
LVL 7

Expert Comment

by:valmatic
ID: 40480486
The problem is that some people who have extra time come here to help out and you get these certain people who act like points are money out of their own pocket and instead of saying thanks you kick them in the.. and say no one deserves anything for their input.
If people did not have too much time on their hand EE would not exist right! Most people here make a point to try and answer questions as a way to give back for the help they get on theirs. But you are obviously a poc know it all.
0
 

Author Comment

by:markfurey
ID: 40481898
Have as many points as you want, I don't give a ****! I realise that I "screwed up" as you put it, and as soon as the command was run and the realisation that it also removed AD accounts was evident I then looked-up the commands for confirmation, I didn't need further confirmation. My issue was why I couldn't then restore the AD objects which as of yet no one has been able to answer. I'm sure this won't be the end of this dialogue and a sharp reply will be quickly returned, if nothing else it will go someway to show my previous observation regarding "time" is a least in someway correct.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
exchange 7 23
Active Directory 2012 - How do I find the SID of a recently deleted user? 4 32
Round robin for Exchange 2013 4 26
Auto BCC 8 27
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question