Printout Header
LEX RSS Feed

LAZARUS

 

Active Directory Deleted Objects Recovery


Undelete Objects / Tombstone Reanimation / AD Recycle Bin Access



           Lazarus Software Logo
  Download LAZARUS      Version 1.8.11

Lazarus is a free tool for Active Directory environments which allows you to access the hidden system container 'Deleted Objects'. This is where a domain controller (or ADAM/AD LDS server) stores the deleted directory objects for a while, before they get deleted physically from the Active Directory database.
         


Lazarus Tool Screenshot

The deleted Active Directory obejcts which are in the Deleted Objects are also called Tombstones. Under Windows 2003 and Windows Server 2008 these tombstones can be restored, but during this Tombstone Reanimation, some important attributes get lost (especially references to other objects like group memberships).

In a environment with Windows Server 2008 R2 domain controllers and an according forest functional level, you can activat an additional feature: The Active Directory Recycle Bin. Deleted objects can be completely undeleted within the Deleted Object LifeTime - with all their properties.

Lazarus Undelete Result List

LAZARUS offers all this in a convenient grafical user interface. Additionally, important configuration settings like the Ad Recycle Bin activation can be performed - or you can change the time intervals which determine how long deleted Active Directory objects will remain in the Deleted Objects container:
tombStoneLifeTime und msDS-DeletedObjectLifetime.

Lazarus settings for AD Recycle Bin

If the Active Directory Recycle Bin feature is not activated yet, LAZARUS gives you the according directions:


Lazarus Setting for tombstone reanimation



Some important technical details about LAZARUS:

Tweet