Find Old DN of Deleted Users in Active Directory using Unboundid Api

Question

I have used ActiveDirectoryDirSyncControl for Active Directory server for Sync Process for finding added , modified and deleted users but there is a problem in deleted users. In deleted user Before deleting the user's DN comes

dn='CN=abcdef,CN=Users,DC=smart,DC=net

but after deleting the user'DN comes

dn='CN=abcdef g\0ADEL:b705fbf6-c3d0-41a3-9420-9817be804b48,CN=Deleted Objects,DC=smart,DC=net

I have to find Old DN of users after deleting the user.How can i find this using UnboundId api Thanks in advance

score 1 · Answer 1 · answered Apr 25 '14 at 13:27

Not sure how to specifically do it with the API you mentioned but I'm assuming you already know how to read attributes.

When an object gets deleted, AD populates the "lastKnownParent" attribute. Combine that with the "cn" attribute and you could easily reconstruct it.

The only problem I can see with this is if a whole OU is deleted. The user accounts in that OU will then have a lastKnownParent attribute set to the dn of the OU in the deleted objects container.

Find Old DN of Deleted Users in Active Directory using Unboundid Api

1 Answers1