Microsoft 70-411 Exam – Q97

The domain contains 2 domain controllers running Server 2012 R2. AD recycle bin is enabled for the domain. DC1 is configured to take AD snapshots daily. DC2 is set to take snapshots weekly.

Someone deletes a group containing 100 users. You need to recover this group.

What should you do?

A. Authoritative Restore
B. Non Authoritative Restore
C. Tombstone Reanimation
D. Modify attribute isdeleted=true

Correct Answer: C

In Windows Server 2003 Active Directory and Windows Server 2008 AD DS, you could recover deleted Active Directory objects through tombstone reanimation. However, reanimated objects’ link-valued attributes (for example, group memberships of user accounts) that were physically removed and non-link-valued attributes that were cleared were not recovered. Therefore, administrators could not rely on tombstone reanimation as the ultimate solution to accidental deletion of objects.

When you enable Active Directory Recycle Bin, all link-valued and non-link-valued attributes of the deleted Active Directory objects are preserved and the objects are restored in their entirety to the same consistent logical state that they were in immediately before deletion.

In Windows Server 2012, the Active Directory Recycle Bin feature has been enhanced with a new graphical user interface for users to manage and restore deleted objects. Users can now visually locate a list of deleted objects and restore them to their original or desired locations.