ADRestore GUI version

27 Nov

Accidentally deleted user, computer account or OU’s from Active Directory. Don’t worry, now you can get them back using ADRestore tool using GUI interface.

Though there is a command line version of tombstone reanimation tool called adrestore – sysinternals, many people are not CLI savvies and having a GUI version of this functionality could really help them out.

Insight on tombstone: Reanimating Active Directory Tombstone Objects – By Gil Kirkpatrick
Gil Kirkpatrick’s article at Technet

Main features:

  • Browsing the tombstones
  • Domain Controller targeting
  • Can be used with alternative credentials (convenient if you do not logon to your desktop as Domain Admin, which you should never do anyway)
  • User/Computer/OU/Container reanimation
  • Preview of tombstone attributes

Here are some sceenshots:

Enumerating tombstones
1

Previewing the tombstone attributes
2

Restoring a deleted user account
3

Notice that if you delete an OU with accounts in it, you will have to restore first the OUs the accounts were in, otherwise the reanimation of the child object will fail. It is not enough to create an OU with the same name as this will be a totally new object in AD and child object’s lastKnowParent attribute will still reference the deleted OU. Here is a walthrough:

Initial state:
4

TestOU organizational unit is deleted:
5

State of tombstones (notice that lastKnownParent attribute of user and computer accounts reference the deleted OU):
6

OU is restored (lastKnowParent points to the restored OU’s distinguished name):
7

Both computer and user accounts that resided in TestOU are reanimated:
8

Download ADRestore.NET

Don’t forget to post your comments 🙂

Thanks,
Aresh

Useful Blogs:

ADRestore Rewrite: http://blogs.microsoft.co.il/blogs/guyt/ 
Reanimating Active Directory Tombstone Objects: http://technet.microsoft.com/en-us/magazine/cc137800.aspx

7 Responses to “ADRestore GUI version”

  1. mooP May 27, 2009 at 6:47 pm #

    This comment has been removed by the author.

    Reply
  2. Xavier July 29, 2010 at 5:18 pm #

    Great tool!!! thanks!!

    Reply
  3. JD December 27, 2011 at 7:26 pm #

    Thank you very much. This is a very easy to use tool.

    Reply
  4. JSM February 15, 2012 at 11:21 pm #

    Hello Aresh,I have no enough words to thank you… This tool help me to restore a \”RMS Shared Identity user FederatedEmail.4c1f4d8b-8179-4148-93bf-00a95fa1e042\” account in exchange 2010.MS Directory recovery mode did not help me.Keep on doing great work.JSM

    Reply
  5. meep July 24, 2012 at 2:39 pm #

    hi.your download link seems to be dead.. 🙁

    Reply
  6. Graeme Davie March 4, 2014 at 3:45 pm #

    I am trying to download this as I have deleted an OU with 200+ user in but the .zip file is empty.I have tried with Crome and IE can you please advise

    Reply
  7. Martin velez September 8, 2015 at 6:10 pm #

    tryhttp://support.modelamerican.com/downloads/Utilities/Windows/Miscellanous/

    Reply

Leave a Reply

Discover more from AskAresh

Subscribe now to keep reading and get access to the full archive.

Continue reading