I'm not sure of what might be coming from Microsoft, but if you are using a 3rd party administration tool from someone like Quest or NetIQ they will provide this sort of thing. NetIQ moves users to a RecycleBin OU before it gets actually deleted.
Phil -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Shawn Hayes Sent: Friday, December 03, 2004 2:02 PM To: [EMAIL PROTECTED] Subject: [ActiveDir] Restore AD Why is it that MS hasn't added a deleted Security Principal retention for AD much like Exchange Server's deleted mailbox retention? Wouldn't that greatly simply recovering from small mishaps? I am not talking about the tombstone feature with Windows 2003 AD where you still have to manually recover Group Membership when recovering an account, but something actually intelligent and useful that would restore Group Membership when restoring accounts. Shit, recover a Group from Deleted Security Principal retention and have it add the back links to the memberof attribute of the users that were members of the Group before the Group was deleted. Recover an OU and it restores Security Principals and Members and Memberof attributes of all Security Principals within the OU. Anybody heard of something like this coming down the pike? Shawn Hayes MCSE (2003, 2000, NT) Messaging Systems Engineer City of Virginia Beach (757) 219-2057 List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/