Why is it that MS hasn't added a deleted Security Principal retention for AD much like Exchange Server's deleted mailbox retention? Wouldn't that greatly simply recovering from small mishaps? I am not talking about the tombstone feature with Windows 2003 AD where you still have to manually recover Group Membership when recovering an account, but something actually intelligent and useful that would restore Group Membership when restoring accounts. Shit, recover a Group from Deleted Security Principal retention and have it add the back links to the memberof attribute of the users that were members of the Group before the Group was deleted. Recover an OU and it restores Security Principals and Members and Memberof attributes of all Security Principals within the OU. Anybody heard of something like this coming down the pike?
Shawn Hayes MCSE (2003, 2000, NT) Messaging Systems Engineer City of Virginia Beach (757) 219-2057
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2900.2523" name=GENERATOR></HEAD> <BODY style="MARGIN-TOP: 2px; FONT: 10pt Arial; MARGIN-LEFT: 2px"> <DIV>Why is it that MS hasn't added a deleted Security Principal retention for AD much like Exchange Server's deleted mailbox retention? Wouldn't that greatly simply recovering from small mishaps? I am not talking about the tombstone feature with Windows 2003 AD where you still have to manually recover Group Membership when recovering an account, but something actually intelligent and useful that would restore Group Membership when restoring accounts. Shit, recover a Group from Deleted Security Principal retention and have it add the back links to the memberof attribute of the users that were members of the Group before the Group was deleted. Recover an OU and it restores Security Principals and Members and Memberof attributes of all Security Principals within the OU. Anybody heard of something like this coming down the pike?</DIV> <DIV> </DIV> <DIV>Shawn Hayes<BR>MCSE (2003, 2000, NT) Messaging<BR>Systems Engineer<BR>City of Virginia Beach<BR>(757) 219-2057<BR></DIV></BODY></HTML>
