Restoring deleted objects

To restore a deleted object, you need to know its ADS path. To get the ADS path of a deleted object, you can search in the Deleted Objects container in your directory with the help of IAdmDirectorySearcher. For example, you can find a deleted user by their user principal name.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost"
$managedDomain = "DC=example,DC=com"
$myCriteria = New-AdmCriteria "user" {userPrincipalName -eq "j.smith@example.com"}

# Connect to Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Bind to the managed domain.
$searcher = $service.OpenObject("Adaxes://$managedDomain", $null, $null, 0)

# Specify to search deleted objects.
$searcher.Tombstone = $true

# Specify search criteria.
$searcher.Criteria = New-AdmCriteria "*" {isDeleted -eq $true}
$searcher.AddCriteria($myCriteria)

try
{
    # Execute search
    $searchResultIterator = $searcher.ExecuteSearch()
    
    # Fetch results
    $searchResults = $searchResultIterator.FetchAll()
    foreach ($searchResult in $searchResults)
    {
        Write-Host $searchResult.AdsPath
    }
}
finally
{
    # Release resources used by the search.
    $searchResultIterator.Dispose()
}
C#
using System;
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Directory.Criteria;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main()
    {
        const string serviceHost = "localhost";
        const string managedDomain = "DC=example,DC=com";
        SimpleCriteriaItem myCriteria = new()
        {
            Property = "userPrincipalName",
            Operator = "eq",
            Values = { "j.smith@example.com" }
        };

        // Connect to Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly(serviceHost);

        // Bind to the managed domain.
        IAdmDirectorySearcher searcher = (IAdmDirectorySearcher)service.OpenObject(
            $"Adaxes://{managedDomain}", null, null, 0);

        // Specify to search deleted objects.
        searcher.Tombstone = true;

        // Specify search criteria.
        CompoundCriteriaItem userCriteria = new()
        {
            Items = 
            { 
                myCriteria,
                new SimpleCriteriaItem()
                {
                    Property = "isDeleted",
                    Operator = "eq",
                    Values = { true }
                }
            },
            LogicalOperator = LogicalOperator.And
        };
        searcher.Criteria = new();
        searcher.Criteria.AddType("user", userCriteria);

        // Execute search.
        using (IAdmSearchResultIterator results = searcher.ExecuteSearch())
        {
            foreach (IAdmSearchResult result in results.FetchAll())
            {
                Console.WriteLine(result.AdsPath);
            }
        }
    }
}

Once you have the ADS path of the object you want to restore, bind to the container where you want to restore it and call the RestoreHere method of the IAdmContainer interface.

PowerShell
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

$serviceHost = "localhost"

# Connect to Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Bind to the organizational unit where to restore.
$ouToRestoreIn = $service.OpenObject("Adaxes://OU=Sales,DC=example,DC=com", $null, $null, 0)

# Restore the object.
$deletedObjectPath = "Adaxes://example.com/CN=John Smith" + `
    "\0ADEL:eb5feb21-e648-42ad-b86c-89d3c6807953," + `
    "CN=Deleted Objects,DC=example,DC=com"
$newRdn = $null
$restoreChildObjects = $false
$ouToRestoreIn.RestoreHere($deletedObjectPath, $newRdn, $restoreChildObjects)
C#
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main()
    {
        const string serviceHost = "localhost";

        // Connect to Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly(serviceHost);

        // Bind to the organizational unit where to restore.
        IAdmContainer ouToRestoreIn = (IAdmContainer)service.OpenObject(
            "Adaxes://OU=Sales,DC=example,DC=com", null, null, 0);

        // Restore the object.
        string deletedObjectPath = @"Adaxes://example.com/CN=John Smith" +
            @"\0ADEL:eb5feb21-e648-42ad-b86c-89d3c6807953," +
            @"CN=Deleted Objects,DC=example,DC=com";
        string newRdn = null;
        bool restoreChildObjects = false;
        ouToRestoreIn.RestoreHere(deletedObjectPath, newRdn, restoreChildObjects);
    }
}

When restoring an object, you can change its relative distinguished name (RDN). To do this, specify the new RDN as the value of the newRdn parameter of the RestoreHere method.

$newRdn = "CN=John Dowson"
$ouToRestoreIn.RestoreHere($deletedObjectPath, $newRdn, $restoreChildObjects)

To restore a deleted object along with all child objects, specify true as the value of the of the restoreChildObjects parameter of the RestoreHere method.

$restoreChildObjects = $true
$ouToRestoreIn.RestoreHere($deletedObjectPath, $newRdn, $restoreChildObjects)

Restoring objects to their original container

You can restore an object to the container it was deleted from. The DN of the container can obtained from the lastKnownParent property of the deleted object.

PowerShell
 [Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")
 
 $serviceHost = "localhost"

 # Connect to Adaxes service.
 $ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
 $service = $ns.GetServiceDirectly($serviceHost)
 
 # Get the last known parent.
 $deletedObjectPath = "Adaxes://example.com/CN=John Smith" + `
     "\0ADEL:eb5feb21-e648-42ad-b86c-89d3c6807953," + `
     "CN=Deleted Objects,DC=example,DC=com"
 $deletedObject = $service.OpenObject($deletedObjectPath, $null, $null, 0)
 $lastKnownParentDN = $deletedObject.Get("lastKnownParent")
 
 # Bind to the organizational unit where to restore.
 $ouToRestoreIn = $service.OpenObject("Adaxes://$lastKnownParentDN", $null, $null, 0)
 
 # Restore the object.
 $ouToRestoreIn.RestoreHere($deletedObjectPath, $null, $false)
C#
using Softerra.Adaxes.Adsi;
using Softerra.Adaxes.Interop.Adsi;
using Softerra.Adaxes.Interop.Adsi.PersistentObjects;

class Program
{
    static void Main()
    {
        const string serviceHost = "localhost";

        // Connect to Adaxes service.
        AdmNamespace ns = new AdmNamespace();
        IAdmService service = ns.GetServiceDirectly(serviceHost);

        // Get the last known parent.
        string deletedObjectPath = @"Adaxes://example.com/CN=John Smith" +
           @"\0ADEL:eb5feb21-e648-42ad-b86c-89d3c6807953," +
           @"CN=Deleted Objects,DC=example,DC=com";
        IADs deletedObject = (IADs)service.OpenObject(deletedObjectPath, null, null, 0);
        string lastKnownParentDN = (string)deletedObject.Get("lastKnownParent");

        // Bind to the organizational unit where to restore.
        IAdmContainer ouToRestoreIn = (IAdmContainer)service.OpenObject(
            $"Adaxes://{lastKnownParentDN}", null, null, 0);

        // Restore the object.
        ouToRestoreIn.RestoreHere(deletedObjectPath, null, false);
    }
}

To restore deleted objects in a managed domain, the recycle bin must be enabled in that domain.

 How to check the status of the recycle bin

You can use one of the following methods to check which domains managed by Adaxes have recycle bin enabled:

  • Generate the built-in Domains with Recycle Bin disabled report.
  • Execute the following script in Windows PowerShell.
[Reflection.Assembly]::LoadWithPartialName("Softerra.Adaxes.Adsi")

# The host name of the computer where Adaxes service is installed.
$serviceHost = "localhost"

# Connect to Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Connect to Adaxes service.
$ns = New-Object "Softerra.Adaxes.Adsi.AdmNamespace"
$service = $ns.GetServiceDirectly($serviceHost)

# Check status of recycle bin in managed domains.
$managedDomains = $service.GetManagedDomains()
foreach ($item in $managedDomains)
{
    $domainName = $item.Name
    $domain = $service.OpenObject("Adaxes://$domainName/rootDSE", $null, $null, 0)
    $isEnabled = $domain.Get("adm-RecycleBinEnabled")
    Write-Host "Recycle bin enabled for $domainName`: $isEnabled"
}

Requirements

Minimum required version: 2018.1

See also