Guide: How to Recover Deleted User Account in Active Directory 2008


How to Restore A Deleted Active Directory User Account in Windows Server 2008

When we delete a user account from Active Directory, whether on purpose or not, it isn't removed from the AD database immediately. Instead, it is hidden and preserved in a container called Deleted Objects. However, this tombstoned object doesn't hang around indefinitely: it is kept for 180 days by default (a Domain Admin can customize the tombstone lifetime in adsiedit.msc). That is to say, if you accidentally delete a user from Active Directory 2008, you can bring it back within 180 days. In the following parts, I will show you how to retrieve a deleted user account in Active Directory 2008 step by step.

Part 1: How to Find Deleted Users in Active Directory 2008
Part 2: How to Retrieve Deleted User Account in Active Directory

 

Part 1: How to Find Deleted Users in Active Directory 2008

As mentioned above, when Active Directory user accounts are deleted, they are placed in the Deleted Objects container, which cannot be browsed from the desktop or from ordinary folders. To display the deleted accounts, you can use Ldp.exe, one of the domain administration tools in Active Directory Domain Services (AD DS). Here is what to do:

1. Press Win + R to open Run dialog and type ldp.exe.

2. To restore a deleted Active Directory object, the first thing to do is bind to the 2008 server that hosts the forest root domain of your AD DS environment. Under Connections, click Connect and then Bind.


3. Enter the domain admin user name and password and the domain you need to log in to. Click OK and you will see a message saying Authenticated as dn: ‘Administrator’ along with other information.


4. Navigate to Options section and click Controls, then scroll down the Load Predefined menu and choose Return deleted objects. Click OK.


5. Now go back to the main screen and choose View, click Tree and type DC=, DC= in BaseDN. Here mydomain refers to the forest root domain name of your AD DS.


6. Double-click the DN in the console tree and locate the CN=Deleted Objects, DC=, DC= container, where you will see the deleted Active Directory user account.


 

Part 2: How to Retrieve Deleted User Account in Active Directory

Now that we have found the deleted object, the next step is to recover the deleted Active Directory user account from the Deleted Objects container.

1. Right click the deleted account in the console tree and choose Modify.

2. In Edit Entry Attribute, type isDeleted.


3. Keep the Values text box empty.

4. Choose Delete from Operations and click Enter.

5. In Edit Entry Attribute, type distinguishedName.

6. Enter the Active Directory object's original DN in Values: CN=deleted AD user name, OU=department, DC=domain name, DC=com.

7. Under Operations, choose Replace this time.

8. Check Extended box on the bottom and click Enter, then click Run.

If everything goes smoothly, no error message is returned. Now go back to the Active Directory Users and Computers console and open the original OU; you will find that the deleted user account in AD on Server 2008 has been successfully restored.

However, you may notice that the recovered account is disabled by default. This is because once an AD object is deleted, all attributes related to the account are also removed except for the objectGUID, so you will need to add back the group memberships in the AD tree later.
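The same lookup and two-part modify from Parts 1 and 2 can be scripted. The following is an added PowerShell example, not part of the original guide, using the .NET System.DirectoryServices.Protocols classes; the server name, domain, user CN and OU are hypothetical placeholders.

```powershell
# Added example: restore a tombstoned user with the same LDAP modify ldp.exe sends.
Add-Type -AssemblyName System.DirectoryServices.Protocols
$P = 'System.DirectoryServices.Protocols'

# Hypothetical placeholders, replace with values from your environment.
$Server   = 'dc01.example.com'
$DomainDN = 'DC=example,DC=com'
$UserCN   = 'John Smith'
$NewDN    = "CN=$UserCN,OU=Sales,$DomainDN"   # original DN to restore to

$conn = New-Object "$P.LdapConnection" $Server
$conn.Bind()                                   # binds as the logged-on domain admin

# "Return deleted objects" control; without it tombstones are invisible.
$showDeleted = New-Object "$P.ShowDeletedControl"

# Part 1: list tombstones under CN=Deleted Objects and pick ours by its RDN.
$search = New-Object "$P.SearchRequest"
$search.DistinguishedName = "CN=Deleted Objects,$DomainDN"
$search.Filter = '(isDeleted=TRUE)'
$search.Scope  = 'OneLevel'
[void]$search.Controls.Add($showDeleted)
$found = @($conn.SendRequest($search).Entries |
    Where-Object { $_.DistinguishedName -like "CN=$UserCN*" })
# Refuse to guess if the name matches no tombstone or more than one.
if ($found.Count -ne 1) { throw "Expected 1 tombstone, found $($found.Count)" }

# Part 2, steps 2-4: delete isDeleted with an empty value list.
$del = New-Object "$P.DirectoryAttributeModification"
$del.Name = 'isDeleted'
$del.Operation = 'Delete'

# Part 2, steps 5-7: replace distinguishedName with the original DN.
$rep = New-Object "$P.DirectoryAttributeModification"
$rep.Name = 'distinguishedName'
$rep.Operation = 'Replace'
[void]$rep.Add($NewDN)

# Part 2, step 8: send both changes in one request, with the control attached.
$mod = New-Object "$P.ModifyRequest"
$mod.DistinguishedName = $found[0].DistinguishedName
[void]$mod.Modifications.Add($del)
[void]$mod.Modifications.Add($rep)
[void]$mod.Controls.Add($showDeleted)
$result = $conn.SendRequest($mod)   # throws DirectoryOperationException on failure
"Restore of ${NewDN} returned $($result.ResultCode)"
```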
