Identifying what Object Belongs to a SID

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Is it possible to retrieve the object name that belongs to a particular SID
after the object has been deleted? When I check the security on a folder, I
see a SID of "NT User: S-1-5-21-3XXXX-...". I'm assuming this object has
been deleted & I want to know if there is a way to retrieve it without
restoring the AD database.
 
This is much easier in 2003 Server than 2000 Server, as it has an API to provide recovery of tombstoned AD objects, and there is a
freeware utility from Sysinternals to help with this:

http://www.sysinternals.com/Utilities/AdRestore.html

Otherwise, you've got work to do, this MS KB article provides context and instructions for both platforms:

http://support.microsoft.com/?kbid=840001

Be absolutely sure to do a full, current system state backup before attempting any of this.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
 
Back
Top