Re: Lookup account based on SID

Tech-Archive recommends: Fix windows errors by optimizing your registry

---

• From: "Raterus" <raterus@xxxxxxxxxxx>
• Date: Wed, 16 Aug 2006 17:05:11 -0400

---

Thank you so much for your help on this. I was able to pull quite a few deleted results, unfortunately, I wasn't able to match up the SID to any of the results. I suppose it was so old enough that it was completely purged from our directory!

--Michael

"Paul Williams [MVP]" <ptw2001@xxxxxxxxxxx> wrote in message news:OD8Sm8WwGHA.1304@xxxxxxxxxxxxxxxxxxxxxxx

The following command will list all deleted items and their attributes:

adfind -default -showdel -f isdeleted=TRUE


Note. TRUE has to be uppercase!

To help narrow down what you're after, modify the filter to return a smaller
set of results, e.g.

adfind -default -showdel -f "&(isdeleted=TRUE)(objectClass=user)" objectSID
cn


Here's an example of running this (watch out for the line wrap):

C:\>adfind -default -showdel -f "&(isdeleted=TRUE)(objectClass=user)"
objectSID cn

AdFind V01.31.00cpp Joe Richards (joe@xxxxxxxxxxx) March 2006

Using server: connoa-dc-01.connoa.concorp.contoso.com:389
Directory: Windows Server 2003
Base DN: DC=connoa,DC=concorp,DC=contoso,DC=com

dn:CN=SystemMailbox{B568EBEE-E7AA-4314-BAD7-395CD9B8B6A6}\0ADEL:f81b09da-f0b3-4b31-8a91-ee6f915c8738,CN=Deleted
Objects,DC=connoa,DC=concorp,DC=contoso,DC=com

cn:
SystemMailbox{B568EBEE-E7AA-4314-BAD7-395CD9B8B6A6}\0ADEL:f81b09da-f0b3-4b31-8a91-ee6f915c8738
objectSid: S-1-5-21-1430762484-151603713-2225133899-1111

dn:CN=Test User\0ADEL:62d68607-9dac-426e-b572-ca1ea6cffafd,CN=Deleted
Objects,DC=connoa,DC=concorp,DC=contoso,DC=com

cn: Test User\0ADEL:62d68607-9dac-426e-b572-ca1ea6cffafd
objectSid: S-1-5-21-1430762484-151603713-2225133899-1145

2 Objects returned

C:\>


Note that the CN attribute has been renamed to <original cn>\0ADEL:<GUID>.

The original CN bit, before the escape character, is what you're after.

--
Paul Williams
Microsoft MVP - Windows Server - Directory Services
http://www.msresource.net | http://forums.msresource.net

.

---

• Follow-Ups:
  • Re: Lookup account based on SID
    • From: Paul Williams [MVP]

• References:
  • Lookup account based on SID
    • From: Raterus
  • Re: Lookup account based on SID
    • From: Paul Williams
  • Re: Lookup account based on SID
    • From: Raterus
  • Re: Lookup account based on SID
    • From: Paul Williams [MVP]

• Prev by Date: Re: DNS Question
• Next by Date: Re: Active Directory Expiration Notification
• Previous by thread: Re: Lookup account based on SID
• Next by thread: Re: Lookup account based on SID
• Index(es):
  • Date
  • Thread

---

Relevant Pages Copy 40GB File between 2 Win2K3s ... When I try to pull a ~40 GB file from one Windows Server 2003 to another, ... requested service. ... "Removed physical address extension from ARC path in Boot.ini file to ... (microsoft.public.windows.server.general) Re: Do you want a Logitech Camera or Others? ... And stupid enough to post links to illegal MS software on a server owned by ... Casio DW9052-1V pattern Mens G-Shock Sport Watch $29.75 ... Adobe Acrobat 7.0 Professional Pro Windows version $28.80 ... Windows Server 2003 Enterprise Edition $36.00 ... (microsoft.public.windowsxp.general) Re: IE Favorites ... Mind the wrap. ... Paul Williams ... Microsoft MVP - Windows Server - Directory Services ... (microsoft.public.windows.server.active_directory) Re: Copy AD info using SQL DTS ... pull SOME info. ... Paul Williams ... Microsoft MVP - Windows Server - Directory Services ... (microsoft.public.windows.server.active_directory)

---

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

www.tech-archive.net  > Archive  > Windows  > microsoft.public.windows.server.active_directory  > 2006-08