Re: Authoritative AD restore
- From: "Jorge de Almeida Pinto [MVP - DS]" <SubstituteThisWithMyFullNameSeparatedByDots@xxxxxxxxx>
- Date: Thu, 24 Aug 2006 19:56:46 +0200
ntdsutil "authoritative restore" "restore object <object DN path>" q q
is correct if the DN does not contain spaces
if it contains a space it should be (can also be used if it does not contain
a space):
ntdsutil "authoritative restore" "restore object \"<object DN path>\"" q q
and if each is specified on its own line:
ntdsutil
authoritative restore
restore object "<object DN path>"
q
q
this is also explained in
http://support.microsoft.com/?kbid=840001 (the one you used)
and
http://support.microsoft.com/?kbid=886689
so the document (http://support.microsoft.com/?kbid=840001) also explains
about when the DN has a space. Open the KB and search for SPACES.... you
will find the NOTE that says:
ntdsutil "authoritative restore" "restore subtree object DN path"
Note The Ntdsutil authoritative restore operation is not successful if the
distinguished name path (DN) contains extended characters or spaces. In
order for the scripted restore to succeed, the "restore object <DN path>"
command must be passed as one complete string.
To work around this problem, wrap the DN that contain extended characters
and spaces with backslash-double-quotation-mark escape sequences. Here is an
example:
ntdsutil "authoritative restore" "restore object \"CN=John Doe,OU=Mayberry
NC,DC=contoso,DC=com\"" q q
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Riley J" <RileyJ@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:72D563BD-468A-45A5-8ED4-17F34C673823@xxxxxxxxxxxxxxxx
Thats the exact syntax on the site. But if your object's cn has a space
in
it, this method fails.
"Jorge de Almeida Pinto [MVP - DS]" wrote:
isn't this the syntax?: ntdsutil "authoritative restore" "restore object
<object DN path>" q q
and isn't it enclosed by quotes as you see above?
can you provide the link that contains that information that you are
talking
about?
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Riley J" <RileyJ@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:FC3D758D-C907-4F67-B325-6EFB0122CF3D@xxxxxxxxxxxxxxxx
It's confusing because it doesn't describe the syntax, and the example
they
give doesn't have a space so it wouldn't run into the same errors I
did.
The
object DN path is obvious, that I had to separate the commands by line
and
surround the DN with quotes (not at all how they showed) is not
obvious.
"Jorge de Almeida Pinto [MVP]" wrote:
so, what is confusing about:
ntdsutil "authoritative restore" "restore object <object DN path>" q q
<object DN path> is just what it says... the DN of the object, not the
sam,
not the cn or whatever
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no
rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
"Riley J" <RileyJ@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B55E7E5F-15B9-4D16-AA8F-3EB957431C80@xxxxxxxxxxxxxxxx
I finally go it working using this
ntdsutil
authoritative restore
restore object "cn=bruce wayne,cn=users,dc=hephaestus,dc=ds,dc=com"
Someone really should edit that microsoft document, it's confusing
as
all
hell. Not user-friendly whatsoever.
.
- Follow-Ups:
- Re: Authoritative AD restore
- From: Riley J
- Re: Authoritative AD restore
- References:
- Re: Authoritative AD restore
- From: Andrei Ungureanu [MVP]
- Re: Authoritative AD restore
- From: Florian Frommherz
- Re: Authoritative AD restore
- From: Jorge de Almeida Pinto [MVP]
- Re: Authoritative AD restore
- From: Jorge de Almeida Pinto [MVP - DS]
- Re: Authoritative AD restore
- From: Riley J
- Re: Authoritative AD restore
- Prev by Date: Re: ADUC Question
- Next by Date: Re: Removing non-existent domains from login dropdown
- Previous by thread: Re: Authoritative AD restore
- Next by thread: Re: Authoritative AD restore
- Index(es):
Relevant Pages
|
