Scribd Logo
Cargar

¡Te damos la bienvenida a Scribd!

  • Active Directory Recycle Bin

    Cargado por

    Hung Binh Tran
    7 vistas11 páginas
    dss

    Derechos de autor

    © © All Rights Reserved

    Formatos disponibles

    PDF, TXT o lea en línea desde Scribd

    ¿Le pareció útil este documento?

    ¿Este contenido es inapropiado?

    Denunciar este documento
    dss

    Copyright:

    © All Rights Reserved
    Descargue como PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    7 vistas11 páginas

    Active Directory Recycle Bin

    Cargado por

    Hung Binh Tran
    dss

    Copyright:

    © All Rights Reserved
    Descargue como PDF, TXT o lea en línea desde Scribd
    Marcar por contenido inapropiado
    de 11

    Active Directory Recycle Bin

    Trong Windows Server 2008 R2 c mt tnh nng kh mnh trong vic khi phc cc i tng
    t Active Directory l Active Directory Recycle Bin. Trong bi vit chng ti s cng cc bn
    i tm hiu v tnh nng ny v cch s dng n nh th no.
    Windows Server 2008 R2 c mt tnh nng Active Directory Recycle Bin mi, y l tnh nng
    m bn c th s dng undo nhng g b xa do v tnh cho c Active Directory Domain
    Services (AD DS) v Active Directory Lightweight Directory Services (AD LDS). Active
    Directory Recycle Bin cho php bn khi phc cc i tng b xa do v tnh cch nhanh
    chng v gim thi gian cht trong vic mt d liu.
    s dng Active Directory Recycle Bin, mi trng ca bn cn phi c cc iu kin tin
    quyt. Khi c cc tiu chun ny bn cng vn cn phi thc hin mt s k hoch v vic s
    dng Active Directory Recycle Bin s hn ch vic s dng mt s tnh nng khc.
    Bi vit ny s gii thiu cho cc bn v cch thc lm vic ca Active Directory Recycle Bin
    nh th no, khi no bn c th s dng v khng th s dng n, cch thc hin cc nhim v
    c lin quan n Active Directory Recycle Bin nh th no. Bn s rt cn n cc thng tin ny
    v Active Directory Recycle Bin thc s khng c giao din ha thn thin ngi dng.
    Cc iu kin tin quyt
    Active Directory Recycle Bin yu cu mc chc nng forest ca Windows Server 2008 R2,
    ngha rng tt c cc b iu khin min (domain controller) trong forest u c ci t
    Windows Server 2008 R2 v tt c cc min trong forest u c mc chc nng domain ca
    Windows Server 2008 R2.
    Active Directory Recycle Bin l mt tnh nng forest rng mng tnh ty chn, c th s dng
    cho tt c cc min trong forest khi c kch hot. Tnh nng ny b v hiu ha mc nh cho
    d mc chc nng forest c thit lp l Windows Server 2008 R2. Bn c th kch hot Active
    Directory Recycle Bin bng cch s dng lnh Enable-ADOptionalFeature c trong Active
    Directory Module for Windows PowerShell trong Windows Server 2008 R2.
    Trc khi kch hot Active Directory Recycle Bin, bn hy ch rng: Khi bt Active
    Directory Recycle Bin, tnh nng ny s khng th v hiu ha. Bn c th khng thy nhng
    vn gp phi i vi hn ch ny, tuy nhin n s ngn khng cho bn s dng cc tnh nng
    mi khc trong Windows Server 2008 R2, v d nh kh nng roll back (hnh ng nhm a
    tr v trng thi trc ) hoc h thp cc mc chc nng domain v forest. Hai tnh nng ny
    thng loi tr ln nhau: roll back hoc h thp cc mc chc nng, tt c cc tnh nng
    ty chn ca Active Directory phi c v hiu ha. S tr tru y l Active Directory
    Recycle Bin ch l mt tnh nng mang tnh ty chn v khng th v hiu ha khi c kch
    hot. Chnh v vy, bn s khng th roll back hoc h thp cc mc chc nng nu kch
    hot Active Directory Recycle Bin.
    Cch lm vic ca Active Directory Recycle Bin.

    Bng cch kch hot Active Directory Recycle Bin, bn s thay i mt cch c hiu qu chu
    trnh (lifecycle) cho cc i tng AD DS. tm hiu r v cch lm vic ca Active Directory
    Recycle Bin, chng ta hy xem xt n chu trnh ca cc i tng AD DS sau khi Active
    Directory Recycle Bin c kch hot (xem trong hnh 1)

    Hnh 1: Chu trnh ca i tng AD DS khi Active Directory Recycle Bin c kch hot
    Nh nhng g th hin trong hnh 1, c bn trng thi trong mt chu trnh ca i tng AD DS
    sau khi Active Directory Recycle Bin c kch hot:

    Live
    Deleted
    Recycled
    Physically Deleted

    Chng ta hy i xem xt vn tt v cc trng thi ny.


    Trng thi Live
    Khi mt i tng AD DS nm trong th mc, lc ny n c coi nh ang trng thi Live.
    Trng thi Deleted
    Khi mt i tng AD DS b xa khi th mc, i tng s c chuyn sang trng thi
    Deleted. trng thi ny, i tng b xa logic ra khi th mc. S xa b logic c nh
    ngha di y:

    Cc thuc tnh c bo tn
    Tn ring ca i tng b c sai.
    i tng c chuyn vo mc cc i tng xa Deleted Objects.

    i tng AD DS c duy tr trng thi Deleted ny trong sut qung thi gian tn ti ca
    i tng xa. (S lng c th c cu hnh; mc nh trong Windows Server 2008 R2 l
    180 ngy). Khi mt i tng trng thi Deleted, bn c th a chng tr v trng thi Live
    trc bng cch s dng Active Directory Recycle Bin v thc hin mt hnh ng khi phc
    xc thc.

    Trng thi Recycled


    Khi thi gian tn ti ca mt i tng b xa vt qu thi hn cho php, i tng AD DS s
    b chuyn sang trng thi Recycled. Bc chuyn t trng thi Deleted sang trng thi Recycled
    c thc hin hon ton t ng bi h thng, hy b hu ht cc thuc tnh ca i tng.
    S lng thi gian sng ca i tng trong trng thi ny cng c th cu hnh; mc nh l 180
    ngy. Khi mt i tng nm trong trng thi Recycled, i tng s khng th c khi phc
    bng Active Directory Recycle Bin.
    Trng thi Physically Deleted
    Khi thi gian sng ca i tng trong trng thi Recycled ht hn, qu trnh thu thp rc s xa
    i tng ny ra khi c s d liu.
    S dng Active Directory Recycle Bin
    Vic xa mt i tng no do v tnh rt c th xay ra. Bng vi kch chut bn c th v
    tnh xa n hng trm hay thm ch hng ngy i tng. Vin cnh tht l ti t, tuy nhin
    Active Directory Recycle Bin c th cho php bn chuc li li lm ca mnh.
    Cc phn di y s cung cp cc thng tin chi tit v cch kch hot Active Directory Recycle
    Bin, cch xem cc i tng trong trng thi Deleted v cch khi phc cc i tng b xa do
    v tnh.
    Kch hot Active Directory Recycle Bin
    Active Directory Recycle Bin l mt tnh nng khng mang tnh bt buc, tuy nhin bn cn phi
    kch hot nu mun s dng n. Bn c th kch hot tnh nng ny bng cch s dng Active
    Directory Module for Windows PowerShell. Nh cp t trc, phi cn n mc chc
    nng forest ca Windows Server 2008 R2.
    Cc bc di y s m t chi tit qu trnh kch hot Active Directory Recycle Bin:
    1. ng nhp vo domain controller cho php bn thay i.
    2. Kch Start > All Programs > Administrative Tools > Active Directory Module for
    Windows PowerShell.
    3. Trong ca s Active Directory Module for Windows PowerShell, nh vo lnh di
    y, thay th phn domain.local trong lnh ny bng tn thch hp:
    Enable-ADOptionalFeature
    'Recycle
    Bin
    -scope ForestOrConfigurationSet -Target 'domain.local'

    4. Nhn Enter.

    Feature'

    Hnh 2: Kch hot tnh nng Active Directory Recycle Bin


    5. Nh th hin trong hnh 2, bn s c nhc nh bng mt thng bo xc nhn, thng
    bo ny cnh bo bn rng s thay i ny ch mang tnh mt chiu (khng th thay i
    ngc li). Nu bn chc chn rng mnh mun tip tc, hy nh Y v nhn Enter.
    Active Directory Module for Windows PowerShell s khng bo co s thay i thnh cng,
    khng c s kin no c ghi li trong bn ghi s kin mch bo bn rng tnh nng Active
    Directory Recycle Bin c kch hot. Tuy nhin bn c th s dng lnh GetADOptionalFeature thm nh rng tnh nng ny c kch hot thnh cng.
    thm nh trng thi ca tnh nng Active Directory Recycle Bin, hy thc hin theo cc
    bc di y:
    1. ng nhp vo domain controller.
    2. Kch Start > All Programs > Administrative Tools > Active Directory Module for
    Windows PowerShell.
    3. Trong ca s Active Directory Module for Windows PowerShell, hy nh vo lnh di
    y:
    Get-ADOptionalFeature 'Recycle Bin Feature'

    4. Nhn Enter. Nh nhng g th hin trong hnh 3, ca s s hin th trng thi ca tnh
    nng Active Directory Recycle Bin. Nhng thng tin quan trng c cha trong phn
    EnabledScopes, y l phn lit k danh sch cc partition m Active Directory Recycle
    Bin c kch hot.

    Hnh 3: Thm nh trng thi ca Active Directory Recycle Bin


    Xem cc i tng xa
    Khi Active Directory Recycle Bin c kch hot, bn c th s dng mt trong hai cng c
    di xem cc i tng b xa v c t vo mc Deleted Objects:

    Tin ch ldp.exe Lightweight Directory Access Protocol (LDAP)


    Active Directory Module for Windows PowerShell

    Xem Deleted Objects bng tin ch ldp.exe


    xem cc i tng xa bng tin ch ldp.exe, hy thc hin cc bc sau:
    1.
    2.
    3.
    4.

    ng nhp vo mt domain controller.


    Kch Start > Run, nh ldp.exe, sau kch OK.
    Trn menu Connection, chn Connect.
    Trong hp thoi Connect (xem trong hnh 4), nh vo tn v domain controller trong
    forest root domain v kch OK.

    Hnh 4: Hp thoi Connect


    5. Trn menu Connection, chn Bind.

    6. Trong hp thoi Bind (xem trong hnh 5), chn ty chn "Bind as currently logged on
    user" hoc "Bind with credentials". Nhp vo cc tiu chun, sau kch OK.

    Hnh 5: Hp thoi Bind


    7. Trn menu View, chn Tree.
    8. Trong hp thoi Tree View (xem trong hnh 6), nhp vo tn ring ca forest root
    domain, sau kch OK.

    Hnh 6: Hp thoi Tree View


    9. Trn menu Options, chn Controls
    10. Trong hp thoi Controls (xem trong hnh 7), m danh sch Load Predefined v chn
    Return deleted objects, sau kch OK.

    Hnh 7: Hp thoi Controls


    11. M rng phn forest root domain trong cy giao din, xem trong hnh 8. Kch p vo
    nt "CN=Deleted Objects,DC=Domain,DC=local", y DC=Domain,DC=local chnh
    l tn ring ca forest root domain.

    Hnh 8: Mc Deleted Objects


    Bt c i tng no b xa cng u hin hu trong mc Deleted Objects ny. Trong hnh 8,
    i tng User1 hin hu v n b xa sau khi tnh nng Active Directory Recycle Bin c
    kch hot.
    Xem cc i tng xa bng Active Directory Module for Windows PowerShell

    xem cc i tng xa bng Active Directory Module for Windows PowerShell, bn thc
    hin theo cc bc di y:
    1. ng nhp vo mt domain controller.
    2. Kch Start > All Programs > Administrative Tools > Active Directory Module for
    Windows PowerShell.
    3. Trong ca s Active Directory Module for Windows PowerShell (xem trong hnh 9),
    nh vo lnh sau:
    Get-ADObject
    -IncludeDeletedObjects

    -ldapFilter:"(msDS-LastKnownRDN=*)"

    4. Nhn Enter.

    Hnh 9: Xem cc i tng xa bng cch s dng Active Directory Module for Windows
    PowerShell.
    Nh th hin trong hnh 9, cc i tng xa c lit k theo danh sch
    Khi phc cc i tng b xa
    Bn c th khi phc cc i tng b xa bng cch s dng tin ch ldp.exe hoc s dng
    Active Directory Module for Windows PowerShell.
    Khi phc i tng xa bng tin ch ldp.exe
    khi phc cc i tng xa bng tin ch ny. Bn thc hin theo cc bc di y:
    1. S dng tin ch ldp.exe tm i tng m bn mun khi phc. (xem hng dn trong
    phn trc).
    2. Trong cy giao din, kch phi vo i tng m bn mun khi phc. Chn Modify t
    menu xut hin.

    3. Trong hp thoi Modify (xem trong hnh 10), hy nh isDeleted vo trng Edit Entry
    Attribute.
    4. Trong phn Operation ca hp thoi, hy chn Delete.

    Hnh 10: iu chnh thuc tnh isDeleted


    5. Kch nt Enter. Hp thoi s c refresh vi nhiu chi tit c hin th hn (xem
    trong hnh 11).
    6. nh distinguishedName trong trng Edit Entry Attribute.
    7. Trong trng Values, nh vo tn ring ban u ca i tng Active Directory.
    8. Trong phn Operation, chn Replace.
    9. Tch vo hp kim Extended pha di bn tri ca hp thoi.
    10. Kch nt Enter, sau kch Run.

    Hnh 11: iu chnh thuc tnh distinguishedName


    Bn iu chnh thnh cng thuc tnh khi phc li i tng b xa, cc thng tin ca i
    tng s bin mt trong cy giao din (xem hnh 12).

    Hnh 12: So snh hnh ny vi hnh 8 xem cc thng tin c khi phc
    Khi phc i tng xa bng Active Directory Module for Windows PowerShell
    khi phc bng phng php ny, bn hy thc hin theo cc bc sau:
    1. S dng Active Directory Module for Windows PowerShell tm thuc tnh Name cho
    i tng m bn mun khi phc (xem hng dn trong phn trc).
    2. Trong ca s Active Directory Module for Windows PowerShell (hnh 13), nh vo
    lnh di y, thay th User1 bng thuc tnh cho thuc tnh Name m bn mun khi
    phc:

    Get-ADObject
    -Filter
    {displayName
    -IncludeDeletedObjects | Restore-ADObject

    -eq

    "User1"}

    3. Nhn Enter.

    Hnh 13: Khi phc i tng b xa bng Active Directory Module for Windows PowerShell.
    Active Directory Module for Windows PowerShell s khng bo co v s thnh cng ca qu
    trnh khi phc, tuy nhin bn c th tm i tng trong th mc thm nh cho s thnh
    cng

    También podría gustarte