Multiple administrators can change the same object in Active Directory at the same time. Put simply, two administrators can make conflicting changes to AD simultaneously. So what if one admin deletes an OU on one DC while another administrator, on another DC, moves a user into that OU at the same time? What happens in this case before replication takes place? This is where the Lost and Found container in AD comes to the rescue.
As mentioned, Lost and Found is a container, and it is hidden from administrators by default. It is visible only when Advanced Features is enabled. The Lost and Found folder holds orphaned objects. What are orphaned objects? As the name suggests, objects that do not have a parent are called orphaned objects.
An object becomes an orphan through AD replication. Take the OU example above. An administrator on one DC deletes a particular OU from the domain. Until replication happens, this deletion exists only on that DC. If another administrator moves a user into this OU at the same time, the move succeeds, but it too exists only on that administrator's local DC until replication happens.
Once replication completes, the OU deletion is reflected on all DCs and the change applies across the domain. In this case we do not have to worry about the moved user: the user is preserved in the Lost and Found container.
Is this the only purpose of this container? The answer is simply no. You can find the explanation here.
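To check for users preserved this way, the following PowerShell sketch (an added example, not part of the original article) lists what is in the Lost and Found container along with each object's `lastKnownParent` attribute, then previews moving the objects to a surviving OU. It assumes the ActiveDirectory RSAT module; the function names and the target OU `OU=Recovered,DC=example,DC=com` are hypothetical placeholders.

```powershell
# Added example: audit and recover orphaned objects from Lost and Found.
# Assumes the ActiveDirectory module (RSAT) is installed.
Import-Module ActiveDirectory

function Get-OrphanedAdObject {
    param(
        # Query one DC so that repeated runs see the same replica.
        [string]$Server = (Get-ADDomain).PDCEmulator
    )
    # The domain object exposes the DN of its Lost and Found container.
    $lostAndFound = (Get-ADDomain -Server $Server).LostAndFoundContainer

    # Direct children only; lastKnownParent records where the object lived
    # before its parent container was deleted.
    Get-ADObject -Server $Server -SearchBase $lostAndFound -SearchScope OneLevel `
                 -Filter * -Properties lastKnownParent, whenChanged |
        Select-Object Name, ObjectClass, whenChanged, lastKnownParent, DistinguishedName
}

function Restore-OrphanedAdObject {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)][string]$TargetPath,   # DN of an OU that still exists
        [string]$Server = (Get-ADDomain).PDCEmulator
    )
    # Fail early if the destination OU itself is missing.
    Get-ADObject -Server $Server -Identity $TargetPath -ErrorAction Stop | Out-Null

    foreach ($orphan in Get-OrphanedAdObject -Server $Server) {
        if ($PSCmdlet.ShouldProcess($orphan.DistinguishedName, "Move to $TargetPath")) {
            Move-ADObject -Server $Server -Identity $orphan.DistinguishedName `
                          -TargetPath $TargetPath
        }
    }
}

# Review the orphans and where they came from.
Get-OrphanedAdObject | Format-Table Name, ObjectClass, whenChanged, lastKnownParent -AutoSize

# Preview the recovery; remove -WhatIf to perform the move.
# The target DN below is a placeholder, not a value from the article.
Restore-OrphanedAdObject -TargetPath 'OU=Recovered,DC=example,DC=com' -WhatIf
```

Running the listing on a schedule and alerting on a non-empty result is a simple way to notice conflicting delete and move operations that would otherwise go unseen, since the container is hidden by default.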