Restore a deleted Active Directory object with PowerShell

This requires that you enabled the Active Directory Recycle Bin before you deleted the object.

Run Windows PowerShell as Administrator.

Start by loading the Active Directory module for Windows PowerShell:
Import-Module ActiveDirectory

List all deleted users (computer objects are also included when you use objectclass -eq "user", because the computer class is derived from the user class):
Get-ADObject -Filter 'objectclass -eq "user" -AND IsDeleted -eq $True' -IncludeDeletedObjects -Properties IsDeleted,LastKnownParent | Format-List Name,IsDeleted,LastKnownParent,DistinguishedName

List all deleted groups:
Get-ADObject -Filter 'objectclass -eq "group" -AND IsDeleted -eq $True' -IncludeDeletedObjects -Properties IsDeleted,LastKnownParent | Format-List Name,IsDeleted,LastKnownParent,DistinguishedName

List all deleted computers:
Get-ADObject -Filter 'objectclass -eq "computer" -AND IsDeleted -eq $True' -IncludeDeletedObjects -Properties IsDeleted,LastKnownParent | Format-List Name,IsDeleted,LastKnownParent,DistinguishedName

List all deleted objects:
Get-ADObject -Filter 'IsDeleted -eq $True' -IncludeDeletedObjects -Properties IsDeleted,LastKnownParent | Format-List Name,IsDeleted,LastKnownParent,DistinguishedName

If you want the output in a text file:
1. Create a script file named list_deleted_users.ps1 and save it to C:\Script\.
2. Use the following code in the script:
Import-Module ActiveDirectory
Get-ADObject -Filter 'objectclass -eq "user" -AND IsDeleted -eq $True' -IncludeDeletedObjects -Properties IsDeleted,LastKnownParent | Format-List Name,IsDeleted,LastKnownParent,DistinguishedName
3. Save the script file.
4. In PowerShell navigate to C:\Script and run the following command:
.\list_deleted_users.ps1 > output.txt
5. You will now have the output from the script in C:\Script\output.txt.

To restore an object named Daniel Svensson:
Get-ADObject -Filter 'name -like "Daniel Svensson*"' -IncludeDeletedObjects | Restore-ADObject

To test the restore without changing anything, add -WhatIf:
Get-ADObject -Filter 'name -like "Daniel Svensson*"' -IncludeDeletedObjects | Restore-ADObject -WhatIf
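
A guarded version of the restore above, written for this page as an added example (not part of the original post): it matches the exact original name through msDS-LastKnownRDN instead of a wildcard, refuses to act unless exactly one deleted object matches, checks that the last known parent still exists, and restores by GUID. The function name Restore-DeletedADObjectSafely and its parameters are hypothetical.

```powershell
# Added example: guarded restore of a single deleted object (hypothetical helper).
Import-Module ActiveDirectory

function Restore-DeletedADObjectSafely {
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # Name the object had before deletion, e.g. "Daniel Svensson"
        [Parameter(Mandatory = $true)][string]$Name,
        [ValidateSet('user', 'group', 'computer')][string]$Class = 'user'
    )

    # Prerequisite from the page: the Recycle Bin must have been enabled.
    $bin = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
    if (-not $bin.EnabledScopes) { throw 'Active Directory Recycle Bin is not enabled.' }

    # msDS-LastKnownRDN holds the original name without the DEL:<GUID> suffix.
    # ObjectClass is the most specific class, so 'user' does not match computers here.
    $found = @(Get-ADObject -Filter 'IsDeleted -eq $True' -IncludeDeletedObjects `
            -Properties LastKnownParent, 'msDS-LastKnownRDN', whenChanged |
        Where-Object { $_.'msDS-LastKnownRDN' -eq $Name -and $_.ObjectClass -eq $Class })

    # Never pipe an ambiguous match into Restore-ADObject: show the candidates and stop.
    if ($found.Count -ne 1) {
        $list = $found | Format-Table 'msDS-LastKnownRDN', whenChanged, LastKnownParent, ObjectGUID | Out-String
        if ($list) { Write-Warning $list }
        throw "Expected exactly one deleted $Class named '$Name', found $($found.Count)."
    }
    $target = $found[0]

    # The restore fails if the original parent container no longer exists, so check first.
    try { $null = Get-ADObject -Identity $target.LastKnownParent -ErrorAction Stop }
    catch { throw "Parent '$($target.LastKnownParent)' is missing; restore it first or use Restore-ADObject -TargetPath." }

    # Restore by GUID so nothing else can match; -WhatIf on this function is passed through.
    $restored = Restore-ADObject -Identity $target.ObjectGUID -PassThru -WhatIf:$WhatIfPreference
    if ($restored) {
        # Read the object back so the new location can be reviewed and logged.
        Get-ADObject -Identity $target.ObjectGUID -Properties whenChanged |
            Select-Object Name, ObjectClass, DistinguishedName, whenChanged
    }
}

# Dry run first; remove -WhatIf to perform the restore.
Restore-DeletedADObjectSafely -Name 'Daniel Svensson' -WhatIf
```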

Comments

4 responses to “Restore a deleted Active Directory object with PowerShell”

  1. Stephen

    A simple tool for Active Directory deleted objects restore operation with advanced options. Try that link.

    http://www.adsysnet.com/downloads/ASNActiveDirectoryManagerV10.msi

  2. Mackay

    @Stephen, Latest version of ASN Active Directory Manager available here.

    http://adsysnet.com/downloads.aspx

    Latest version supports multi domain.

  3. ammar

    informative, thanks

  4. Danny

    Computer objects are a derivative of the user class... that is why they show up on your filter :)
