That’s right I had one of those days. I was deleting a user and accidentally deleted an OU containing every user at work. Needless to say everyone’s access to all our internal systems ceased immediately. after mashing my keyboard and mashing CTRL-Z (UNDO) which doesn’t exist in active directory users and computers, which I knew I just mashed it anyway whilst yelling a few colorful words at my monitors. Anyway I was left with the task of restoring all our users. Luckily I had the active directory directory restore mode password. Anyway, rebooted into active directory restore mode. and the desktop would come up after the login prompt and successful authentication. FUCK! anyway I was able to hit ctrl-alt-delete and get into task manager, and disable the exchange services, next reboot to AD restore mode was successful. We were running Backup Exec 11d. Which I couldn’t start as Domain Auth doesn’t work in AD restore mode. Changed the services to login as local administrator and backup exec was up and running. Restored the OU using backup exec.
ran ntdsutil
authoritative restore
restore subtree “OU=Staff Accounts,DC=domainname,DC=local
quit
quit
Rebooted and the OU was still missing. At this point I was starting to think I’d have to recreate all the accounts and reattach the mailboxes.
Anyway so I figured I’d attempt it again, same result.
So I restored the whole system state.
ran ntdsutil
authoritative restore
restore database
quit
quit
Rebooted, the server came up, the OU had returned.!!! WOHOO!
anyway finished the day up at the pub. as you do.
Microsoft Documentation on authoritative restores
Leave a Reply
You must be logged in to post a comment.