It’s every IT administrator's nightmare: You accidentally delete an Active Directory (AD) user, group, or organizational unit (OU). You need it back—fast—and without restoring from a full backup, which causes downtime. While Microsoft offers the command-line utility
In an era where every second of downtime costs money, democratizes AD recovery. You no longer need to memorize adrestore -r -t 60 -s "CN=DeletedObject,..." . Instead, you rely on a visual, intuitive, and safe interface.
Developed by Guy Teverovsky, ADRestore.NET is a graphical interface designed to find and restore objects from the Deleted Objects container in Active Directory.
Before running the tool, ensure the following conditions are met: adrestorenet the gui version of adrestore
ADRestore.NET is a standalone executable. Download it and run it from a domain-joined machine. 2. Connect to Domain Controller
Before launching the utility, ensure you are logged into a machine with or Enterprise Admin privileges, as modifying the configuration naming context requires elevated permissions. Step 1: Launch and Connect
Enter the name or IP address of your Domain Controller, or leave it blank to automatically detect the local domain. You no longer need to memorize adrestore -r
Below is a comprehensive guide to understanding, installing, and using ADRestoreNET for your domain environment. Understanding the Active Directory Tombstone
Disclaimer: As noted in 4sysops, ADRestore.NET relies on the Tombstone Lifetime, meaning it can only restore objects that have not yet been permanently removed by Active Directory's garbage collection process.
Accidentally deleting a user, computer account, or Organization Unit (OU) in Active Directory (AD) is a nightmare scenario for any system administrator. When this happens, traditional backups can be slow and disruptive to restore. Fortunately, Microsoft provides a tombstone reanimation tool called to recover deleted objects. Before running the tool, ensure the following conditions
Last year, I watched a junior admin accidentally delete a security group that contained 200 nested groups used for a file server permission structure. Restoring manually would have taken days. Using adrestore from the CLI would have taken 10 minutes of typing commands.
→ Create the missing OU first, or restore to LostAndFound manually using ADUC.
Select an item, click a button, and restore it immediately without typing long Distinguished Names (DNs).
command-line tool. Developed by Guy Teverovsky, it simplifies the process of tombstone reanimation