Restore Deleted AD Groups

Restoring Active Directory groups

PowerShell vs Ntdsutil vs RecoveryManager Plus

Active Directory groups play a pivotal role in handling security permissions and authorizations across your AD environment. Unauthorized group changes like additions or deletions of users can jeopardize the security of sensitive resources by providing access to unauthorized users or by revoking users’ access to critical documents. To combat such accidents, a tool that tracks all changes made to groups would be handy. However, tracking every change using Microsoft tools or PowerShell is almost impossible. 

Microsoft's PowerShell and Ntdsutil provide administrators with the ability to restore deleted groups, but they don’t offer any way to keep track of all the group membership changes that AD groups undergo. This serves as a deterrent to administrators who wish to maintain complete control over these changes. Administrators have nothing to worry about though, as they can deploy RecoveryManager Plus to overcome all these limitations of the native tools. Check out this chart to see how the native tools line up against RecoveryManager Plus.

Features PowerShell Ntdsutil RecoveryManager Plus
Recycle deleted groups 
(Restore a deleted user object from the recycle bin.)
tick tick tick
Restore security permissions
(Restore security permissions and authorizations provided to security groups.)
tick tick tick
User interface 
(No need for scripting.)
cancel cancel tick
Backup scheduler
(To automate the backup process.)
cancel cancel tick
Backup version management
(Back up each change made to groups and their memberships as separate versions.)
cancel cancel tick
Attribute-level restoration
(Restore individual attributes to any of their previous versions.)
cancel cancel tick
Group membership history
(History of users added and removed from the group.)
cancel cancel tick
Restart-free restoration
(Restore groups from backup without restarting your DCs.)
tick cancel tick

As you can see in the chart above, while PowerShell and Ntdsutil allow administrators to  restore deleted AD user objects, they are not very user-friendly and also don't provide any additional features to help manage the multiple changes that each object undergoes. RecoveryManager Plus, on the other hand, provides an efficient alternative for keeping your AD secure at all times. With options for scheduling backups, retaining multiple versions of the same user objects, and granular restoration capabilities, RecoveryManager Plus offers the best solution for handling user backups and restorations.

Overcome the limitations of native AD backup and recovery tools with RecoveryManager Plus.

  Download a free trial now!  Request demo

Couldn't find the feature you wanted? Raise a feature request

A single pane of glass for AD, Azure AD, Microsoft 365,
Google Workspace, Exchange, and Zoho WorkDrive backup.
  • » Personal WorkDrive backup
  • » Backup retention
  • » Incremental backup