Importing Recovered Objects to Active Directory

Refer to the sections below for information on how to import recovered objects in Active Directory.

• Importing Non-User Objects
• Importing User Objects

Importing Non-User Objects

If Active Directory objects or containers that you have recovered do not contain “User” objects, follow the steps below to import the objects in Active Directory:

1. On the Active Directory machine, run command line as an administrator.
2. Run the following command: ldifde -i -k -f filename -j logfolder, where “filename.ldif” is the path to the recovered ldif file, and “logfolder” is the path to the folder where import logs will be saved.

Importing User Objects

If you have recovered one or more “User” objects or if you have recovered containers that include one or more “User” objects, follow the steps below to import the objects in Active Directory:

1. On the Active Directory machine, run command line as an administrator.
2. Enable a secure LDAP connection on the Active Directory machine:
   1. Log on to the server and open the Server Manager tool.
   2. Add the Active Directory Certificate Services role. On the Role services page of the Add Roles and Features wizard, select a Certification Authority.
   3. When configuring the Active Directory Certificate service on the destination server, use proper credentials to configure the service, choose the Enterprise CA setup type, and choose a Root CA for CA Type.
   4. Follow the rest of wizard instructions to complete adding the Active Directory Certificate Services role.
3. Run the following command: ldifde -i -t 636 -f filename.ldif -k -j logfolder, where “filename.ldif” is the path to the recovered ldif file, and “logfolder” is the path to the folder where import logs will be saved.
4. Edit the group policy by adding imported users. After importing one or more users, you may need to verify password options via user logon.