locked
Resotre AD security group RRS feed

  • Question

  • HI Experts

    I want to be clear on my below concern...

    I want to restore one security group with help of Quest recovery manager server.

    Group is old more than TSL around 6 month back.

    What will happened if I restore that old group using quest recoery manager.

    Will this group will become lingering object even if I restore group as authoriative restore?

    Friday, August 5, 2016 2:49 PM

Answers

  • Hi,
    When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. (The limit is 60 days if the AD forest was originally created with Windows Server 2000.) If attempt to you restore a backup that is expired, you may encounter problems due to “lingering objects” as you said.
    Normally, it will cause the replication problem in your domain, and related events will occur then. So it is not suggested to restore such a group.
    You could see more details from:
    Remove Lingering Objects that cause AD Replication error 8606 and friends
    https://blogs.technet.microsoft.com/askds/2014/09/15/remove-lingering-objects-that-cause-ad-replication-error-8606-and-friends/
    Detailed Concepts: Lingering Objects in Active Directory and How To's?
    http://social.technet.microsoft.com/wiki/contents/articles/23927.detailed-concepts-lingering-objects-in-active-directory-and-how-to-s.aspx
    Regards,
    Wendy

    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Wendy Jiang Tuesday, August 16, 2016 1:25 AM
    • Marked as answer by Wendy Jiang Friday, August 19, 2016 9:06 AM
    Monday, August 8, 2016 2:40 AM
  • Hi,

    Its not about authoritative or non-authoritative as you are restoring a object which is more than Tombstone lifetime. So the object was physically deleted from the active directory through a process called garbage collection. And this will lead to lingering object. You have remove lingering object from your AD environment.

    Thanks,

    Arindam

    • Proposed as answer by Wendy Jiang Tuesday, August 16, 2016 1:25 AM
    • Marked as answer by Wendy Jiang Friday, August 19, 2016 9:06 AM
    Friday, August 12, 2016 9:34 PM

All replies

  • Hi,
    When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. (The limit is 60 days if the AD forest was originally created with Windows Server 2000.) If attempt to you restore a backup that is expired, you may encounter problems due to “lingering objects” as you said.
    Normally, it will cause the replication problem in your domain, and related events will occur then. So it is not suggested to restore such a group.
    You could see more details from:
    Remove Lingering Objects that cause AD Replication error 8606 and friends
    https://blogs.technet.microsoft.com/askds/2014/09/15/remove-lingering-objects-that-cause-ad-replication-error-8606-and-friends/
    Detailed Concepts: Lingering Objects in Active Directory and How To's?
    http://social.technet.microsoft.com/wiki/contents/articles/23927.detailed-concepts-lingering-objects-in-active-directory-and-how-to-s.aspx
    Regards,
    Wendy

    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Wendy Jiang Tuesday, August 16, 2016 1:25 AM
    • Marked as answer by Wendy Jiang Friday, August 19, 2016 9:06 AM
    Monday, August 8, 2016 2:40 AM
  • > I want to restore one security group with help of Quest recovery manager
    > server.
     
    Then you probably should read QRM documentation and/or head over to Dell
    forums :)
     
    Monday, August 8, 2016 10:02 AM
  • Actually I have restored it from dell recovery manager and issue got resolved after restored.

    but still my concern is same....... Dell quest recovery restore the objects as authoritative restore or non-authoritative ?

    Friday, August 12, 2016 10:14 AM
  • Hi,

    Its not about authoritative or non-authoritative as you are restoring a object which is more than Tombstone lifetime. So the object was physically deleted from the active directory through a process called garbage collection. And this will lead to lingering object. You have remove lingering object from your AD environment.

    Thanks,

    Arindam

    • Proposed as answer by Wendy Jiang Tuesday, August 16, 2016 1:25 AM
    • Marked as answer by Wendy Jiang Friday, August 19, 2016 9:06 AM
    Friday, August 12, 2016 9:34 PM