IT admins often need to be able to identify recently deleted objects in their Active Directory deployments. In certain cases, this might be to uncover accidental deletions, and in other cases, this might be to generate a list of all recently deleted objects for audit or compliance purposes.
An Active Directory object comes into existence either when Active Directory is installed, or when it is created by an IT administrator or an application. When it is no longer needed, an object can be deleted by an IT administrator or an application. When an object is deleted, it is first logically deleted for a specific interval of time to allow replication of the deletion to occur, and after this time has elapsed it is physically deleted.
IT administrators thus often have a need to be able to identify and list recently deleted objects in Active Directory, and there are more than one ways in which IT administrators can enumerate Deleted Objects in Active Directory
An Active Directory object comes into existence either when Active Directory is installed, or when it is created by an IT administrator or an application. When it is no longer needed, an object can be deleted by an IT administrator or an application. When an object is deleted, it is first logically deleted for a specific interval of time to allow replication of the deletion to occur, and after this time has elapsed it is physically deleted.
IT administrators thus often have a need to be able to identify and list recently deleted objects in Active Directory, and there are more than one ways in which IT administrators can enumerate Deleted Objects in Active Directory
IT administrators who wish to query Active Directory to obtain a list of deleted objects should use the Object Identifier Control (1.2.840.113556.1.4.417) also known as the Show Deleted Object control. IT administrators can also choose to use 3rd party automated Active Directory reporting tools that provide instant and reliable reports which document all objects have been deleted in the last few days, often based on their class as well.
It always helps to know if there were any accidental deletions, or if any objects were recently deleted by another IT administrator, so IT administrators should always keep an eye out for deleted objects, and ensure that any accidental deletions are undone.
