Bob
From: [EMAIL PROTECTED] on behalf of Grillenmeier, Guido
Sent: Thu 8/11/2005 4:50 PM
To: [email protected]
Subject: RE: [ActiveDir] A bad bad thing...Manual push of AD?
it'll try - but as the version of the tombstone object will then
be
lower than that of the auth. restored object, the local change on
the
deleted object itself will simply be disregarded and the object
+
attributes restored (read: they will be overwritten by the
auth.
restored object which have a higher version number).
but the
main point Brett is also making seems to be ignored in the rest
of this
thread => although we still don't know Shadow Roldan's OS
version, the
probability is somewhat high that he's not using Win2003
SP1 (maybe not even
any non-SP1 Win2003), which means that he has to
take special care of the
links that the deleted object was linked to
(read: mainly the
group-memberships he had).
Depending on the version of the DC OS, these
won't be restored on the
unplugged DC (Win2000 won't help you at all, Win2003
would revive the
links if they were LVR links, Win2003 SP1 will also get the
non-LVR
links back and write them to an ldif file so that you can restore
the
links by importing the ldif file).
/Guido
-----Original
Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
On Behalf Of Rick Kingslan
Sent: Donnerstag, 11. August 2005 22:10
To:
[email protected]
Subject: RE: [ActiveDir] A bad bad
thing...Manual push of AD?
Brett,
How is this going to help him
get the DC back online that he yanked the
cable on? As soon as that
system is plugged back in, it's going to repl
out
the change,
no?
Rick
-----Original Message-----
From:
[EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
On Behalf Of Brett Shirley
Sent: Thursday, August 11, 2005 1:54 PM
To:
[email protected]
Subject: Re: [ActiveDir] A bad bad
thing...Manual push of AD?
Well you're lucky that you yanked the
network cable in time, now you
don't
have to do a system state restore to
get the user back ...
Find a DC where the user still exists in a pristine
condition, all the
mailbox details, etc. Reboot the DC in DS Restore
mode(DSRM). Use
ntdsutil.exe to auth restore just that user's
object.
You may (probably will) also have to restore links to that user,
at this
point it'd be nice if you were running on Win2k3 SP1, but if not it
is
still accomplishable.
For Win2k3 Sp1, after auth restoring the
user, there should be some ldf
file(s) that will allow you to restore the
links. Simply use ldifde, to
apply these files to the appropriate DCs
(up to one ldf per domain).
For pre this latest generation (which is more
likely, because you could
yank the net cable in time), you may have to find
the objects that are
linked to the user, and restore them yourself. You
can do this by
performing an LDAP operation that deletes and re-sets the
links to that
user.
BTW, there is a more extensive KB article you
might find useful:
http://support.microsoft.com/?kbid=840001
Cheers,
BrettSh
This
posting is provided "AS IS" with no warranties, and confers
no
rights.
On Thu, 11 Aug 2005, Shadow Roldan wrote:
> So I
did a bad thing, I deleted a user at a different site and marked
> his
mailbox for deletion
>
> Immediately recognizing my mistake I *ran*
to the server room and
yanked
> the network cable of the dc I was
connected to.
>
> For now, none of the changes have
replicated.
>
> I want to bring this machine back online, but I
don't want those
changes
> to go through
>
> How would you
make this happen?
>
> Thanks
guys
>
>
>
> S
>
>
> List
info : http://www.activedir.org/List.aspx
>
List FAQ : http://www.activedir.org/ListFAQ.aspx
>
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
>
List
info : http://www.activedir.org/List.aspx
List
FAQ : http://www.activedir.org/ListFAQ.aspx
List
archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List
info : http://www.activedir.org/List.aspx
List
FAQ : http://www.activedir.org/ListFAQ.aspx
List
archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List
info : http://www.activedir.org/List.aspx
List
FAQ : http://www.activedir.org/ListFAQ.aspx
List
archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
