Re: Deleted the wrong user and need help to restore, please.
- From: Joshua <Joshua@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 13 Dec 2006 09:54:04 -0800
Thank you very much, Herb. I checked locally, and all the needed files were
still there and in one piece. I had just one last question:
How do I copy all the files in the erased profile's folder to a different,
current, user's folder? I see that you typed " xcopy /s /c bschwartz(old
account name) \safe\ (new account name) \". Do I just type that into the
cmd prompt? Can I right click "select all" and just copy to a different
folder? Thanks again for all your help, it really is appreciated. -Joshua
"Herb Martin" wrote:
"Pi" <Pi@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message.
news:C65C83F7-FCCA-4914-88D2-EEE22327E75B@xxxxxxxxxxxxxxxx
Hello and thanks in advance for any help that can be provided.
I accidently erased a user profile that is still active at our satellite
office. This of course erased all the documents/files she had saved to
the
profile and her local computer. I have read through the authoritative
restore section, however I can't really understand it.
That's because "Authoritative Restore" is misnamed to it is
confusing to understand until you understand it. (There is
NO such thing as authoritative RESTORE -- you actually
do a regular restore, then mark the Active Directory (domain
database), or a portion of it, as AUTHORITATIVE or taking
precedence over the other DCs so that the restored backup
on the marked DC will take precedence over other DCs
rather than accept changes (later than the backup) from those
others as would normally happen with an ordinary restore.
So, it should be called "marking the AD as authoritative
AFTER a restore" (or some shorter catchy phrase.)
Doesn't matter though since neither a regular restore of
AD nor the authoritative method will help you.
Profiles are NOT stored in the System State of the DC,
nor in Active Directory specifically.
I am not an
IT/systems person, and some of the jargon loses me.
Some of it loses most IT people too. <Grin>
We'll help if you just ask when you don't understand
something.
I would really, really
appreciate it if anyone could tell me how to restore the delted user in
steps
so simple, even a slow person like myself could understand.
Oops, the problem with terminology COULD mean that we
weren't communicating effectively above however -- the
Profile is MERELY the files and registry settings for each
user, while the "user" (or 'user account') is the record stored
which defines the user (password etc) in the Active
Directory.
If you deleted the User then the Authoritative Restore will
help (and the Profile is likely still on the Server or User's
hard drive.)
If you only deleted the Profile then that is only on your
REGULAR (not System State [AD] backups), or maybe,
just maybe on the users machine if you only deleted the
version on the Server of a Roaming profile.
If I can't restore the user and files,
Files? Are you sure you deleted the files specifically?
Deleting the user account will NOT delete those.
Go to the Server (for a Roaming profile), OR to the User's
favorite machine for a Local (non-Roaming) profile or
if the server version got deleted: xcopy the entire
user profile to another safety directory just in case.
XCOPY /s /c USER_DIR_NAME \safe\USER_DIR_NAME\
/s will include subdirectories, and /c will continue on
errors so you get as much as possible.
I am up a creek without a paddle; so any help is
sincerely appreciated. Thank you. (I believe I am using Microsoft Server
2003 Web Edition) -Joshua
You can find the "authoritative restore" in both the help
and on the Microsoft site by using Google in MUCH more
detail that we can write it here, but since you seem to have
read that below are the highlights so you can re-read and
follow that and know the key points:
1) You must have a System State backup (or ASR).
2) Boot in Directory Services Restore Mode -- F8
(this leave AD OFF so you can muck with it)
3) Do the REGULAR Restore (aka "non-Authoritative Restore)
4) Docs say you are supposed to re-boot at this point --
if you follow this MAKE SURE you STAY in Directory
Services Restore mode when you reboot -- coming online
regular for even a few seconds would require starting over.
5) From a command line run:
NTDSUtil
Authoritative Restore
Restore Subtree cn="user account name",DC=domain,DC=com
domain & com = your domain name split into pieces (where the dots go)
The above is WRONG if the user account was in an OU. Then
you would need cn="user account", OU=OUName, etc
Note that if the user account is in a deeper level (not top) you
would need an OU= label for each level with the parent on the
right, the deepest child on the left.
This latter applies also to DC= if you have a domain that is
three or more labels, child.domain.com
6) Reboot normally
(you really should re-read the docs though, and compare my
key points above.)
--
Herb Martin, MCSE, MVP
Accelerated MCSE
http://www.LearnQuick.Com
[phone number on web site]
- References:
- Re: Deleted the wrong user and need help to restore, please.
- From: Herb Martin
- Re: Deleted the wrong user and need help to restore, please.
- Prev by Date: Re: Reorranging a Domain Name Space
- Next by Date: Re: can't add anymore serveurs to domain, RID reference error
- Previous by thread: Re: Deleted the wrong user and need help to restore, please.
- Next by thread: Re: Resolving child domain names
- Index(es):
Relevant Pages
|
