R2 Archives - ADSploit https://adsploit.com/tag/r2/ Powered by CionSystems inc Wed, 03 Mar 2010 05:39:38 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.4 https://adsploit.com/wp-content/uploads/2022/08/icon-36x36.png R2 Archives - ADSploit https://adsploit.com/tag/r2/ 32 32 Windows Server 2008 R2 Recycle Bin (Part 1) https://adsploit.com/windows-server-2008-r2-recycle-bin-part-1/ https://adsploit.com/windows-server-2008-r2-recycle-bin-part-1/#respond Wed, 03 Mar 2010 05:39:38 +0000 http://blog.cionsystems.com/?p=97 Had a very interesting conversation about the new Server 2008 R2 version. Most IT admins know it’s been updated with new features, and the one question that usually comes up is- “Doesn’t this mean I won’t need third party apps?” Well, no, you still do. Really. For example, let’s look at one of these new features, the […]

The post Windows Server 2008 R2 Recycle Bin (Part 1) appeared first on ADSploit.

]]>
Had a very interesting conversation about the new Server 2008 R2 version. Most IT admins know it’s been updated with new features, and the one question that usually comes up is- “Doesn’t this mean I won’t need third party apps?”
Well, no, you still do. Really. For example, let’s look at one of these new features, the Recycle Bin.
Remembering the basics:
-Deleted objects in Active Directory aren’t deleted immediately
-Marked with a “tombstone” flag- replicated to all DCs
-Tombstoned objects are saved for a while – 180 days by default
– When deleting objects, Active Directory removes most of its attributes
Windows Server 2008 R2 introduces this change to the deleting process: It places your objects into a “deleted” state where their system attributes are left intact (non-system attributes are stripped out). Recovering an object (changing the tombstone flag) is made easier AS LONG AS THE OBJECT EXISTS IN THE TOMBSTONE.  Following the default 180 days in the tombstone, if no changes are made the object becomes “recycled” and its attributes are stripped out, so it can no longer be recovered.
So this should be very easy right? Well, if you’re trying to access a deleted object with your native management tools you can’t, even with all the changes in Server 2008 R2. Recovery is still not an easy task. Despite the name, you won’t see an AD “Recycle Bin” on your desktop or in any other directory. You’ll have to continue using low level directory editors, scripting or other more complex ways of recovering (reanimating)objects from their “deleted” state. Oh, and by the way, you CAN’T use this new feature until every DC has been upgraded to this new version of Windows (Server 2008 R2 specifically).  What does this mean to you? You have to:
– Upgrade every domain you have to the Windows Server 2008 R2 functional level
– Upgrade your forest to the Windows Server 2008 R2 functional level
(more on this in Part 2)

The post Windows Server 2008 R2 Recycle Bin (Part 1) appeared first on ADSploit.

]]>
https://adsploit.com/windows-server-2008-r2-recycle-bin-part-1/feed/ 0