Home > Articles > Operating Systems, Server

  • Print
  • + Share This
  • 💬 Discuss
From the author of Viewing Deleted Objects

Viewing Deleted Objects

Once the Active Directory Recycle Bin is enabled, you can use either of two tools to view objects that have been deleted and placed in the Deleted Objects container:

  • ldp.exe Lightweight Directory Access Protocol (LDAP) utility
  • Active Directory Module for Windows PowerShell

Viewing Deleted Objects by Using the ldp.exe Utility

To view deleted objects by using the ldp.exe utility, follow these steps:

  1. Log onto a domain controller.
  2. Click Start > Run, type ldp.exe, and then click OK.
  3. On the Connection menu, select Connect.
  4. In the Connect dialog box (see Figure 4), type the name and domain controller in the forest root domain, and then click OK.
  5. Figure 4 Connect dialog box.

  6. On the Connection menu, select Bind.
  7. In the Bind dialog box (see Figure 5), select the "Bind as currently logged on user" option or the "Bind with credentials" option. Enter the credentials, if applicable. Click OK.
  8. Figure 5 Bind dialog box.

  9. On the View menu, select Tree.
  10. In the Tree View dialog box (see Figure 6), enter the distinguished name of the forest root domain, and then click OK.
  11. Figure 6 Tree View dialog box.

  12. On the Options menu, select Controls.
  13. In the Controls dialog box (see Figure 7), open the Load Predefined drop-down list and select Return deleted objects. Click OK.
  14. Figure 7 Controls dialog box.

  15. Expand the forest root domain in the console tree, as shown in Figure 8. Double-click the "CN=Deleted Objects,DC=Domain,DC=local" node, where DC=Domain,DC=local is the distinguished name of your forest root domain.
  16. Figure 8 Deleted Objects container.

Any deleted objects will be visible in the Deleted Objects container. In Figure 8, the User1 object is visible because it was deleted after the Active Directory Recycle Bin feature was enabled.

Viewing Deleted Objects by Using the Active Directory Module for Windows PowerShell

To view deleted objects by using the Active Directory Module for Windows PowerShell:

  1. Log onto a domain controller.
  2. Click Start > All Programs > Administrative Tools > Active Directory Module for Windows PowerShell.
  3. In the Active Directory Module for Windows PowerShell window (see Figure 9), type the following command:
  4. Get-ADObject -ldapFilter:"(msDS-LastKnownRDN=*)" -IncludeDeletedObjects
  5. Press Enter.
  6. Figure 9 Viewing deleted objects by using the Active Directory Module for Windows PowerShell.

As Figure 9 shows, the deleted objects are listed.

  • + Share This
  • 🔖 Save To Your Account

Discussions

comments powered by Disqus