Restoring deleted objects
The Web Interface can be used to restore deleted objects in any managed domain that is configured to enable Active Directory Recycle Bin—a feature of Active Directory Domain Services introduced in Microsoft Windows Server 2008 R2.
To undo deletions, Active Roles relies on the ability of Active Directory Recycle Bin to preserve all attributes, including the link-valued attributes, of the deleted objects. This makes it possible to restore deleted objects to the same state they were in immediately before deletion. For example, restored user accounts regain all group memberships that they had at the time of deletion.
This section provides instructions on how to restore deleted objects by using the Web Interface. For more information, see the “Recycle Bin” chapter in the Active Roles Administration Guide.
Locating deleted objects
If Active Directory Recycle Bin is enabled in a managed domain, the Web Interface provides access to the Deleted Objects container that holds the deleted objects from that domain. On the Tree tab in the Browse pane, the Deleted Objects container appears at the same level as the domain object, under the Active Directory node. If multiple managed domains have Active Directory Recycle Bin enabled, then a separate container is displayed for each domain. To tell one container from another, the name of the container includes the domain name (for example, MyDomain.MyCompany.com - Deleted Objects).
When you select the Deleted Objects container, the Web Interface lists all the deleted objects that exist in the corresponding domain. The list can be sorted or filtered as appropriate to locate particular objects (see Managing the list of objects earlier in this document). If you click an object in the list, a menu appears that displays all actions you can perform on that object.
Searching the Deleted Objects container
To locate deleted objects, you can perform a search in the Deleted Objects container:
- On the Tree tab in the Browse pane, click the Deleted Objects container.
- In the Command pane, click Search under this container.
- Specify criteria for the deleted objects that you want to find:
- To search by naming properties, type in the Search field on the Toolbar. The Web Interface will search for objects whose naming properties match what you typed. The naming properties include name, first name, last name, display name, and logon name.
- To search by other properties, click the button on the right side of the Toolbar to expand the Toolbar, click Add criteria, choose the properties by which you want to search, click Add, and then configure the criteria as appropriate. The Web Interface will search for objects that match the criteria that you configured.
- Press Enter to start the search.
Locating objects deleted from a certain OU or MU
To view a list of objects that were deleted from a particular Organizational Unit (OU) or Managed Unit (MU), you can use the View or Restore Deleted Objects command. The command opens a page that lists the deleted objects that were direct children of the corresponding OU or MU at the time of deletion.
To view a list of objects that were deleted from a particular OU or MU
- Select the OU or MU that held deleted objects you want to view.
- In the Command pane, click View or Restore Deleted Objects.
The Web Interface lists the objects that were deleted from the OU or MU you selected. The list can be sorted or filtered as appropriate to locate particular objects (see Managing the list of objects earlier in this document).
NOTE: The View or Restore Deleted Objects command is also available on domain and container objects.