Authoritative Restore Of Ad Objects
To perform an authoritative restore of objects from active directory you should do as follows:
- Restart DC in Domain Recovery Mode by pressing F8 on the keyboard when booting up
- Login with ./Administrator and the Domain Recovery password you gave the DC
- Then type
wbadmin get versions -backuptarget:backuplocation
- When you have find a backupversion (before the deletion point)
wbadmin start systemstaterecovery -version:ID -backuptarget:backuplocation
Do not reboot when asked!
Then you go into NTDSUTIL
ntdsutil activate instance NTDS
authoritative restore
restore object "distinguishedName"
for single object or
restore subtree "distinguishedName"
for restoring entire OU
When you are running Windows Server and running this within Virtualbox keep the following in mind the let it work
Bibliography
:page revision: 10, last edited: 05 Nov 2009 11:00