[Samba] recommanded way to restore objects from Deleted Objects

Andrew Bartlett abartlet at samba.org
Wed Aug 30 10:26:33 UTC 2017

On Tue, 2017-08-29 at 12:45 +0200, Denis Cardon via samba wrote:
> Hi everyone,
> in samba 4.5 changelog, it says that samba AD now supports tombstone 
> reanimation. I've been used to ldbrename and ldbmodify to reanimate 
> objects to keep objectSID, but if it is now officially supported, it 
> would be better to use the proper way.
> Sysinternals tool adrestore [1] seems to be working properly (it does 
> not restore most attributes, but this is expected since recycle bin is 
> not yet supported. Replication after adrestor'ing an object is fine.
> I did'nt found an equivalent with samba-tool. Is using adrestore windows 
> command line a proper way to do it? Should we use ntdsutil authoritative 
> restore? Is there a samba command line to do that?

Thanks for bringing this up,

I actually wrote up a script, and posted it to samba-technical in
May/June.  I need to write up a simple test to ensure it keeps working,
I'll do that.

In the long term it needs to be part of samba-tool, and probably with
some more options.

Andrew Bartlett

Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba

More information about the samba mailing list