Your network contains an Active Directory domain named contoso.com. The domain
contains a domain controller named DC1 that runs Windows Server 2012 R2. DC1 is backed
up daily.
The domain has the Active Directory Recycle Bin enabled.
During routine maintenance, you delete 500 inactive user accounts and 100 inactive groups.
One of the deleted groups is named Group1. Some of the deleted user accounts are
members of some of the deleted groups.
For documentation purposes, you must provide a list of the members of Group1 before the
group was deleted.
You need to identify the names of the users who were members of Group1 prior to its
deletion. You want to achieve this goal by using the minimum amount of administrative
effort.
What should you do first?
A.
Reactivate the tombstone of Group1.
B.
Use the Recycle Bin to restore Group1.
C.
Perform an authoritative restore of Group1.
D.
Mount the most recent Active Directory backup.
Answer is B. I tested it in my lab.
First you restore the group and then you restore the user accounts. They will automatically go in the respective groups they belong. Then you can check the group membership for the list of users in the group.
you do not need to restore anything, just document the state before deletion, so this works by using the most recent AD backup
Den – The question requests minimum administrative efforts. I think restoring via ADAC will be quicker easily allows to do the documentation, than having to restore a backup? You would need to use dasmain to make the AD backup file available and then start browsing it using ldp.
It’s not only the Group1 who is deleted, the user accounts are also deleted and Options A,B,C are only talking from a Group1 restore. That’s not enough to identify the Group members.
So Answer D must be correct.