PS AD – Papierkorb Restore AD Object

# Find deleted user objects. The filter keeps objects of class "user" and drops
# computer accounts (in the AD schema the computer class is derived from user).
$deletedUserQuery = @{
    Filter                = {Deleted -eq $true -and ObjectClass -eq "user" -and ObjectClass -ne "computer"}
    IncludeDeletedObjects = $true
}
Get-ADObject @deletedUserQuery

# Same query, reduced to display name and GUID. The GUID is the value that
# Restore-ADObject -Identity accepts.
Get-ADObject @deletedUserQuery -Properties * |
    Format-List -Property DisplayName, ObjectGUID

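# List the contents of the Deleted Objects container: first everything, then per
# object class. The container DN is read from the current domain instead of being
# hard-coded, so the snippet also works outside DC=ndsedv,DC=de.
$DeletedObjectsDN = (Get-ADDomain).DeletedObjectsContainer

# NOTE: (objectClass=user) also returns computer accounts, because the computer
# class is derived from user.
foreach ($LdapFilter in '(objectClass=*)', '(objectClass=user)', '(objectClass=computer)', '(objectClass=group)') {
    Get-ADObject -SearchBase $DeletedObjectsDN -LDAPFilter $LdapFilter -IncludeDeletedObjects |
        Format-List -Property Name, ObjectClass, ObjectGuid
}

# Show the last known name and parent of every deleted object; the container
# itself is skipped. Only the two displayed attributes are requested rather
# than "-Properties *".
Get-ADObject -Filter 'isDeleted -eq $true -and name -ne "Deleted Objects"' -IncludeDeletedObjects -Properties 'msDS-LastKnownRDN', lastKnownParent |
    Format-Table -Property 'msDS-LastKnownRDN', lastKnownParent -AutoSize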

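# Find all deleted objects and export them to a CSV file
$Deleted = Get-ADObject -Filter {(isdeleted -eq $true)} -IncludeDeletedObjects -Properties DistinguishedName, isDeleted, whenChanged, lastKnownParent

# -Encoding UTF8: Windows PowerShell writes ASCII by default, which turns umlauts
# and other non-ASCII characters in names and DNs into "?".
# The file lists object names and their former location in the directory. C:\Temp
# is often readable by other local users, so keep the export somewhere
# access-controlled and delete it when it is no longer needed.
$Deleted | Export-Csv -Path C:\Temp\deleted.csv -NoTypeInformation -Encoding UTF8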

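# Restore a single deleted object by its ObjectGUID
Restore-ADObject -Identity b663e500-1a75-4ed0-b8c8-8f97a2e35afd

# Restore by sAMAccountName. "isDeleted -eq $true" restricts the match to deleted
# objects: without it, -IncludeDeletedObjects also returns a live account of the
# same name and pipes it into Restore-ADObject.
# If the account was deleted more than once, several objects match; run the
# Get-ADObject part on its own first and restore by GUID in that case.
Get-ADObject -Filter 'samaccountname -eq "Test" -and isDeleted -eq $true' -IncludeDeletedObjects |
    Restore-ADObject -NewName "Test"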

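# Restore every object deleted after 29.10.2017 15:00.
# There is no upper bound: everything whose whenChanged is later than $time is
# restored, not only objects deleted on that day.
# This is a bulk change. Append -WhatIf to Restore-ADObject for a dry run and
# review the list first; restored accounts come back with their previous group
# memberships.
# Objects whose last known parent is itself still deleted cannot be restored
# until that parent has been restored.
$time = New-Object Datetime(2017, 10, 29, 15, 00, 00)
Get-ADObject -Filter 'whenChanged -gt $time -and isDeleted -eq $true -and name -ne "Deleted Objects"' -IncludeDeletedObjects -Properties sAMAccountName, lastKnownParent |
    ForEach-Object {
        $RestoreArgs = @{
            Identity   = $_.ObjectGUID
            TargetPath = $_.LastKnownParent
        }
        # Objects without a sAMAccountName (for example OUs) would fail on an
        # empty -NewName, so the parameter is only passed when a value exists.
        if ($_.sAMAccountName) {
            $RestoreArgs.NewName = $_.sAMAccountName
        }
        Restore-ADObject @RestoreArgs
    }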

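# Restore the accounts listed in a text file (one sAMAccountName per line)
foreach ($Line in Get-Content "C:\Temp\Samaccounts.txt") {
    # Skip blank lines and stray whitespace; an empty value makes the filter fail.
    $user = $Line.Trim()
    if (-not $user) { continue }

    # The filter refers to $user as a variable, so the list entry is not pasted
    # into the filter text. "isDeleted -eq $true" keeps live accounts with the
    # same name out of the restore.
    Get-ADObject -Filter {samaccountname -eq $user -and isDeleted -eq $true} -IncludeDeletedObjects -Properties sAMAccountName, lastKnownParent |
        ForEach-Object {
            Restore-ADObject $_.ObjectGUID -NewName $_.sAMAccountName -TargetPath $_.LastKnownParent
        }
}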

# Search for deleted organizational units, then restore one of them
$ouFilter = 'isdeleted -eq $true -and name -ne "Deleted Objects" -and ObjectClass -eq "organizationalUnit"'
Get-ADObject -Filter $ouFilter -IncludeDeletedObjects -Properties * |
    Format-Table -Property Name, ObjectClass, ObjectGuid -Wrap

# Restore the OU selected by its ObjectGUID and give it the name "Herne"
Get-ADObject -Filter 'ObjectGUID -eq "4dc19018-a884-4f4a-9594-219d02e3e50f"' -IncludeDeletedObjects |
    Restore-ADObject -NewName "Herne"

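# Enable the AD Recycle Bin for the whole forest.
# Enabling the Recycle Bin cannot be reversed, and it requires a forest
# functional level of Windows Server 2008 R2 or higher.
$Forest = (Get-ADForest).Name
# "-Target" is written with a plain ASCII hyphen; the typographic dash from the
# original page breaks as soon as the script is saved in a non-Unicode encoding.
Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target $Forest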

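# Set how long deleted objects stay restorable (msDS-DeletedObjectLifetime, in days)
$DeletedObjectLifetime = 190
$RootDSE = Get-ADRootDSE
$Configuration = $RootDSE.configurationNamingContext
$Params = @{
    # Built from the configuration naming context read above instead of a
    # hard-coded DC=ndsedv,DC=de, so Identity and Partition always agree.
    Identity  = "CN=Directory Service,CN=Windows NT,CN=Services,$Configuration"
    Partition = $Configuration
    Replace   = @{'msDS-DeletedObjectLifetime' = $DeletedObjectLifetime}
}
Set-ADObject @Params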

MD5: 534339A2BBF093DD06FC6E8D892D7CEF

Restore AD Object

Set Active Directory Tombstone