Identifying what Object Belongs to a SID

G

Guest

Is it possible to retrieve the object name that belongs to a particular SID
after the object has been deleted? When I check the security on a folder, I
see a SID of "NT User: S-1-5-21-3XXXX-...". I'm assuming this object has
been deleted & I want to know if there is a way to retrieve it without
restoring the AD database.
 
S

Steve Duff [MVP]

This is much easier in 2003 Server than 2000 Server, as it has an API to provide recovery of tombstoned AD objects, and there is a
freeware utility from Sysinternals to help with this:

http://www.sysinternals.com/Utilities/AdRestore.html

Otherwise, you've got work to do, this MS KB article provides context and instructions for both platforms:

http://support.microsoft.com/?kbid=840001

Be absolutely sure to do a full, current system state backup before attempting any of this.

Steve Duff, MCSE, MVP
Ergodic Systems, Inc.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

computer sid 1
icacls Problem, any Ideas ? 3
Grouping Shapes in 2007 3
NTFS permission issue 1
Scripting Local Security Policy Changes 0
Change username under Documents and Settings 4
ntdsutil without a domain 1
Same SID 3

Top