Sunday, February 26, 2017

How to Restore a User/Group using Adrestore (Adrestore.exe) tool.

Hello Friends , Today i will show you how you can use the Adrestore(Adrestore.exe) tool to restore a deleted user/Group etc. When you delete a user, The user is not completely deleted from Active directory however the user is put in to deleted object container and the deleted user remains in the deleted object container till it's Tomstone period. Recovering a user using Adrestore doesn't bring back all the attributes of the user however it bring back only a subset of the attributes.

The main points about Adrestore tool is as below.
1)The Adrestore tool can be used to recover a user/group.
2)Adrestore doesn't bring back all the attributes of the user.
3)After the recover, The user will be disabled so the user has to be enabled.
4)You will have to manually set a password to the user as the password attribute can't be recovered.

Every user has a "IsDeleted" attribute, When a user is deleted then the "IsDeleted" attribute is set to"True" Which implies that the user is deleted.
I have created a user "netadmin", I have added the below Group membership to the user as the user is an Admin user.

1)Domain Admins.
2)Enterprise Admins.
3)Schema Admins.
4)Domain Users.

Now i accidentally deleted the user netadmin, I will recover the user using Adrestore.
Adrestore is a Microsoft tool which can be downloaded from the below link.
Download the Adrestore tool and save it on a folder.
Open command prompt and go the location where Adrestore resides.
We will be using -r switch to restore the deleted user.
Type Adrestore.exe -r and hit enter.

Once you hit enter , The Adrestore will show all the deleted users/Group one by one and will ask your permission if you want to restore the user/group.

If you know the name of the deleted user and you don't want the Adrestore tool to check all the deleted user then you can also use the command  "Adrestore.exe -r Username" to restore the user.

Once the user is restored then it will show up in Active Directory user and Computers console however the user will be disabled.

We will have to enable the user and then reset the password to use the user account again.
Now the user is recovered however most of it's Attributes are stripped off.

Before the netadmin user was member of Domain admins, Schema Admin, Enterprise Admins and Domain users group however after the restore the user is only a member of Domain users so all the other attributes of the user has to be added manually.