How To Query And Restore Deleted AD Users With PowerShell

• Skip to primary navigation
• Skip to main content
• Skip to primary sidebar
• Skip to secondary sidebar

Home » How to Query and Restore Deleted AD Users with PowerShell

When an object is deleted from Active Directory it is not gone for good yet, for a certain retention period (180 days by default) it's possible to restore it. If Active Directory Recycle Bin is activated restoring the object is simple.

If AD Recycle Bin is not enabled, the deleted object is stripped from most of it's properties and it's stored as a tombstone container in AD until the retention period elapses.

Examples of Querying Deleted Active Directory users

# List all deleted AD users Get-ADObject -Filter {isDeleted -eq $true} -IncludeDeletedObjects -Properties * # Query a specific deleted user called Ben by SamAccountName Get-ADObject -Filter {SamAccountName -eq "ben"} -IncludeDeletedObjects -Properties * # Query a specific deleted user if we know the SID Get-ADObject -Filter {objectSid -eq "S-1-5-21-3248668488-3435716276-1094588311-1109"} -IncludeDeletedObjects -Properties *

Restore Deleted AD User from AD Recycle Bin

# Restore the deleted AD user from the Active Directory Recycle Bin Get-ADObject -Filter {UserPrincipalName -eq "[email protected]"} -IncludeDeletedObjects -Properties * | Restore-ADObject

Note: if AD Recycle Bin is not enabled, the following procedure will not work. That case the object needs to be restored from it's tombstone, using the built-in ldp.exe utility in Windows.

Output (deleted object)

The output of the command reveals many attributes of the deleted account, such as the display name, SamAccountName, UserPrincipalName, location before it was deleted, etc.If the AD Recycle Bin is not enabled, certain properties, like the UserPrincipalName, etc will be missing from the deleted object.

PS C:\> Get-ADObject -Filter {SamAccountName -eq "ben"} -IncludeDeletedObjects -Properties * | Format-List *

* click on the illustration to enlarge

Reader Interactions

Comments Cancel reply

Your email address will not be published. Required fields are marked *

Comment *

Name *

Email *

Primary Sidebar

Secondary Sidebar

CONTENTS

• Examples of Querying Deleted Active Directory users
• Restore Deleted AD User from AD Recycle Bin
• Output (deleted object)

Manage your privacy

To provide the best experiences, we and our partners use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us and our partners to process personal data such as browsing behavior or unique IDs on this site and show (non-) personalized ads. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Click below to consent to the above or make granular choices. Your choices will be applied to this site only. You can change your settings at any time, including withdrawing your consent, by using the toggles on the Cookie Policy, or by clicking on the manage consent button at the bottom of the screen.

Functional Functional Always active The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network. Preferences Preferences The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user. Statistics Statistics The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you. Marketing Marketing The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes. Statistics Marketing Features Always active Always active

• Manage options
• Manage services
• Manage {vendor_count} vendors
• Read more about these purposes

Accept Deny Manage options Save preferences Manage options

• {title}
• {title}
• {title}

Manage your privacy To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions. Functional Functional Always active The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network. Preferences Preferences The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user. Statistics Statistics The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you. Marketing Marketing The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes. Statistics Marketing Features Always active Always active

• Manage options
• Manage services
• Manage {vendor_count} vendors
• Read more about these purposes

Accept Deny Manage options Save preferences Manage options

• {title}
• {title}
• {title}

Manage consent Manage consent