Your network contains an Active Directory domain named contoso.com. The domain contains
domain controllers that run Windows Server 2008, Windows Server 2008 R2 Windows Server 2012,
and Windows Server 2012 R2.
A domain controller named DC1 runs Windows Server 2012 R2. DC1 is backed up daily.
During routine maintenance, you delete a group named Group1.
You need to recover Group1 and identify the names of the users who were members of Group1
prior to its deletion. You want to achieve this goal by using the minimum amount of administrative
effort.
What should you do first?
A.
Perform an authoritative restore of Group1.
B.
Mount the most recent Active Directory backup.
C.
Use the Recycle Bin to restore Group1.
D.
Reactivate the tombstone of Group1.
Explanation:
The Active Directory Recycle Bin does not have the ability to track simple changes to objects. If the
object itself is not deleted, no element is moved to the Recycle Bin for possible recovery in the
future. In other words, there is no rollback capacity for changes to object properties, or, in other
words, to the values of these properties.
There is another approach you should be aware of. Tombstone reanimation (which has nothing to
do with zombies) provides the only way to recover deleted objects without taking a DC offline, and
it’s the only way to recover a deleted object’s identity information, such as its objectGUID and
objectSid attributes. It neatly solves the problem of recreating a deleted user or group and having to
fix up all the old access control list (ACL) references, which contain the objectSid of the deleted
object.
Restores domain controllers to a specific point in time, and marks objects in Active Directory as
being authoritative with respect to their replication partners.
I think its (D).
http://www.aiotestking.com/microsoft/you-need-to-recover-group1-and-identify-the-names-of-the-users-who-were-members-of-group1-prior-to-its-deletion/#comment-589500
0
1
I copy my comment on v4 exam version here:
“You need to recover Group1 and identify the names of the users who were members of
Group1 prior to its deletion.” So we didn’t remove them before delete it.
I tried it on my lab:
– Created a Test group
– Add administrator as member of the group
– Delete the group
– Reactivate the tombstone of group Test
– Administrator was still on the group.
Because ldp is a bit annoying (and I’ve no idea to use it) I used adrestore from sysinternals instead. https://technet.microsoft.com/en-us/magazine/2007.09.tombstones.aspx
D is my answer, perform an authoritative restore of Group1 also will work but it’s more intrusive.
0
1
I tried using the Recycle bin. I created a group, added users, deleted the group, then went into Admin center and restored the group and all the users were listed as members. Seems the simplest way to do it.
0
0
Rats, just check the requirements for Recycle bin and you have to have at least 2008 R2 Functonal level. If you have a 2008 DC then you are screwed. Nelson is correct.
0
0
Isn’t this pretty much the same as #36?
0
0
N/M I see this one the function level would be different.
0
0