The GPOGUY-- Group Policy Blog

Well, despite the morbid title, this is not about dead things. Well, not quite.  And amazingly its not about Group Policy either. 

In my ever increasing thirst for PowerShell knowledge, I thought I would experiment a bit with some Active Directory-based cmdlets this time. The result is two free PowerShell Cmdlets that retrieve and reanimate AD Tombstones (for an excellent backgrounder article on Tombstone Reanimation, check out Gil Kirkpatrick's piece in TechNet Magazine from last September).

You can optionally register for and download these new AD tombstone cmdlets at www.sdmsoftware.com/freeware. Once you download and install the setup, and launch the console file that comes with it, you'll have two new cmdlets at your disposal*:

get-SDMADTombstone

restore-SDMADTombstone

The first cmdlet, most obviously retrieves a listing of all deleted objects in a given domain. You can filter the results using the -Filter parameter to search for a given text string within the DN of the deleted object. The 2nd cmdlet, which does the actual restoral work, is meant to be used with the first one. So, for example, if I have a user "Dick Evans" who was deleted, and I want to restore him, I can issue the following command:

get-SDMADTombstone -Filter Evans | restore-SDMADTombstone

The restore- cmdlet also implements the -whatif parameter, so that you can see what objects will be restored prior to pulling the trigger.

So, I encourage everyone to download and check it out and provide feedback. I look forward to hearing your input.

Have fun!

Tags:

Active Directory, PowerShell, Tombstone Reanimation

* Note: This blog post was edited after the initial posting. Thanks to feedback from Dmitry, I renamed the cmdlets to be singular, in keeping with PowerShell convention, and also changed the output format of the date fields. Otherwise, everything is the same!