VB.NET – Find Deleted Active Directory Objects with .NET DirectoryServices

October 11, 2010

Just a quick example of how you can use the System.DirectoryServices.DirectorySearcher class to find deleted objects (that have not yet reached the tombstone time limit) in your Active Directory domain.

This basic example will just find deleted computer objects and show the name of each computer in a messagebox:

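'Requires a reference to System.DirectoryServices and "Imports System.DirectoryServices" at the top of the file
'Use the current user's domain as the root of our search
Dim Searcher As New DirectorySearcher(New DirectoryEntry())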

'Set our search properties to find Tombstoned objects
Searcher.PageSize = 1000
Searcher.Tombstone = True

'Set the search filter to only find deleted computer objects
Searcher.Filter = ("(&(isDeleted=TRUE)(objectClass=computer))")

'Loop through the results and show each deleted object's name
For Each DeletedObject As SearchResult In Searcher.FindAll
    MessageBox.Show(DeletedObject.Properties("name")(0).ToString)
Next

Hopefully it's fairly obvious what you need to change if you want to search for user accounts instead of computer accounts.

Deleted objects do not keep all of the attributes they had when they were 'alive', so there is only a very limited amount of information that you can get from them, but it can still be useful in some situations. If you want to see all of the attributes (and their values) that are available for each deleted object, you could use something like the example below, which again only finds computer accounts:

'Use the current user's domain as the root of our search
Dim Searcher As New DirectorySearcher(New DirectoryEntry())

'Set our search properties to find Tombstoned objects
Searcher.PageSize = 1000
Searcher.Tombstone = True

'Set the search filter to only find deleted computer objects
Searcher.Filter = ("(&(isDeleted=TRUE)(objectClass=computer))")

'Loop through the results and show every available property for each deleted object
For Each DeletedObject As SearchResult In Searcher.FindAll
    Dim ResultString As String = String.Empty
    For Each Propertyname As String In DeletedObject.Properties.PropertyNames
        'A property can hold several values, so list each one on its own line
        For i As Integer = 0 To DeletedObject.Properties(Propertyname).Count - 1
            ResultString &= Propertyname & " = " & DeletedObject.Properties(Propertyname)(i).ToString & vbNewLine
        Next
    Next
    MessageBox.Show(ResultString)
Next
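
For audit or incident-response use, the same search can be narrowed to recently deleted user accounts and reduced to the attributes that say what was deleted and where it lived. This is an added example, not code from the original post; the 7-day window, the module name and the helper functions OriginalName and FirstValue are assumptions made for illustration.

```vbnet
Imports System
Imports System.DirectoryServices
Imports System.Globalization

Module DeletedObjectReport

    'Deleted objects are renamed to "<old name>" & Lf & "DEL:<objectGUID>"; keep only the old name
    Function OriginalName(tombstoneName As String) As String
        Dim marker As Integer = tombstoneName.IndexOf(vbLf & "DEL:", StringComparison.Ordinal)
        Return If(marker >= 0, tombstoneName.Substring(0, marker), tombstoneName)
    End Function

    'Return the first value of a property, or a placeholder when the deleted object did not keep it
    Function FirstValue(result As SearchResult, propertyName As String) As String
        If result.Properties.Contains(propertyName) AndAlso result.Properties(propertyName).Count > 0 Then
            Return result.Properties(propertyName)(0).ToString()
        End If
        Return "(not retained)"
    End Function

    Sub Main()
        'Assumption: report on user accounts changed (normally: deleted) in the last 7 days
        'LDAP filters compare whenChanged in generalized-time format, e.g. 20240131120000.0Z
        Dim since As String = DateTime.UtcNow.AddDays(-7).ToString("yyyyMMddHHmmss", CultureInfo.InvariantCulture) & ".0Z"

        Using root As New DirectoryEntry(), searcher As New DirectorySearcher(root)
            searcher.PageSize = 1000
            searcher.Tombstone = True
            'Computer accounts also have objectClass=user, so exclude them explicitly
            searcher.Filter = "(&(isDeleted=TRUE)(objectClass=user)(!(objectClass=computer))(whenChanged>=" & since & "))"
            searcher.PropertiesToLoad.AddRange(New String() {"name", "sAMAccountName", "lastKnownParent", "whenChanged"})

            'SearchResultCollection holds unmanaged resources, so dispose it when done
            Using results As SearchResultCollection = searcher.FindAll()
                For Each deleted As SearchResult In results
                    Console.WriteLine("{0} ({1}) deleted from {2}, last changed {3}",
                        OriginalName(FirstValue(deleted, "name")),
                        FirstValue(deleted, "sAMAccountName"),
                        FirstValue(deleted, "lastKnownParent"),
                        FirstValue(deleted, "whenChanged"))
                Next
            End Using
        End Using
    End Sub

End Module
```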

Hope that helps someone out in the future 🙂

Chris
