Locating objects deleted from a certain OU or MU
To view a list of objects that were deleted from a particular Organizational Unit (OU) or Managed Unit (MU), you can use the View or Restore Deleted Objects command. The command opens a page that lists the deleted objects that were direct children of the corresponding OU or MU at the time of deletion.
To view a list of objects that were deleted from a particular OU or MU
- Select the OU or MU that held deleted objects you want to view.
- In the Command pane, click View or Restore Deleted Objects.
The Web Interface lists the objects that were deleted from the OU or MU you selected. The list can be sorted or filtered as appropriate to locate particular objects (see Managing the list of objects earlier in this document).
|
|
NOTE: The View or Restore Deleted Objects command is also available on domain and container objects. |
Restoring a deleted object
You can restore deleted objects by using the Restore command that is available in the Command pane when you select a deleted object in the Web Interface.
To restore a deleted object
- In a list of deleted objects, select the object you want to undelete. For instructions on how to build a list deleted objects, see Locating deleted objects.
- In the Command pane, click Restore.
- Review and, if necessary, change the settings in the Restore Object dialog box, and then click OK to start the restore process.
The Restore Object dialog box prompts you to choose whether the deleted child objects (descendants) of the deleted object should also be restored. The Restore child objects check box is selected by default, which ensures that the Restore command applied on a deleted container restores the entire contents of the container.
|
|
NOTE: When restoring a deleted object, ensure that its parent object is not deleted. You can identify the parent object by viewing properties of the deleted object: the canonical name of the parent object, preceded with the “Deleted from:” label, is displayed beneath the name of the deleted object on the property page for that object. If the parent object is deleted, you need to restore it prior to restoring its children because deleted objects must be restored to a live parent. |
Using Approval Workflow
Understanding approval workflow
The approval workflow system included with Active Roles provides:
- A point-and-click interface to configure approval rules, available from the Active Roles console. The approval rules are stored and performed by the Active Roles Administration Service.
- The directory management section of the Web Interface for submitting operation requests for approval. For example, approval rules could be configured so that creation of a user account starts an approval workflow instead of immediately executing the user creation operation. For information on how to use the directory management section, see Managing Active Directory objects earlier in this document.
- The Approval area of the Web Interface to manage operation requests and approvals. This area includes a “to-do” list of the approval tasks the designated user has to carry out, allowing the user to approve or reject operation requests.
The Approval area provides a way to perform change approval actions, allowing you to control changes to directory data that require your approval and monitor your operations that require approval by other persons. You can use the Approval area to:
- Perform approval tasks—approve or reject operations so as to allow or deny the requested changes to directory data. Examples of operations include (but not limited to) creation and modification of user accounts or groups.
- Check the status of your operations—examine whether the changes to directory data you requested are approved and applied, or rejected.
When a Web Interface user makes changes to directory data that require permission from other individuals in an organization, the changes are not applied immediately. Instead, an operation is initiated and submitted for approval. This starts a workflow that coordinates the approvals needed to complete the operation. The operation is performed and the requested changes are applied only after approval. An operation may require approval from one person or from multiple persons.
When an operation is submitted for approval, Active Roles tracks the initiator and the approver or approvers. The initiator is the person who requested the changes. Approvers are those who are authorized to allow or deny the changes. An operation that requires approval generates one or more approval tasks, with each approval task assigned to the appropriate approver. Active Roles administrators configure approval workflow by creating approval rules to specify what changes require approval and who is authorized to approve or deny change requests.
In the Approval area, you can work with the operations for which you are assigned to the approver role. As an approver, you are expected to take appropriate actions on your approval tasks.
To access the Approval area
- On the Web Interface Home page, click in the Approval box.