How do I restore group membership to an account if the account was moved from the Recycle Bin? (NETIQKB53162)

  • 7753162
  • 02-Feb-2007
  • 19-Jun-2007

Resolution

goal
How do I restore group membership to an account if the account was moved from the Recycle Bin?

goal
How do I recover an account from the Recycle Bin if it has been moved with native tools?

goal
Can I recover an account that I deleted in DRA?

fact
Directory and Resource Administrator 7.x

fact

Directory and Resource Administrator 8.0



fix

Directory and Resource Administrator creates two objects for each user account when an administrator moves an account to the Recycle Bin:

  • A disabled user object for the deleted user (example: username)
  • A group object that holds the group membership information and the original OU location of the deleted user object (example: NetIQRecycleBinObj_username)

You can use the Active Directory Users and Computers tool to see these objects in a "hidden" OU called NetIQRecycleBin.

If the NetIQRecycleBinObj_username object is in the NetIQRecycleBin OU, you should be able to recover group membership for the user account. If the object does not exist in the OU, however, you will not be able to recover group membership.

To recover group membership for a user account:

  1. Start the Active Directory Users and Computers Administrative Tool.
  2. Using Active Directory Users and Computers, move the user account back to the NetIQRecycleBin OU. You must be using the Advanced Features view in the Active Directory Users and Computers tool to see "hidden" OUs.
  3. Perform a manual (incremental) accounts cache refresh on the domain.
  4. Start Directory and Resource Administrator.
  5. Expand Recycle Bin > Container.
  6. Type the name of the deleted user account in the Contains text box and click Find Now.
  7. Right-click the user account in the list view and select Restore. DRA may ask you to specify the OU into which the object should be restored.

Once restored, the user account should show the correct group membership.



note
For more information about recovering deleted accounts, see NetIQ Knowledge Base article NETIQKB21415: "Two objects are created for each user when a user is moved to the recycle bin." https://www.netiq.com/kb/esupport/consumer/esupport.asp?id=NETIQKB21415

Additional Information

Formerly known as NETIQKB53162