Tuesday, February 11, 2020

Find name of AD group after it has been deleted but you have the SID

So you have the SID of a deleted group, but you want to know its name and other details. You can get this information provided the object is still present in the Active Directory Recycle Bin (assuming you have that enabled in your domain).

That all being said, here is the PowerShell you need:

get-adobject -Filter 'isdeleted -eq $true -and name -ne "Deleted Objects" -and objectSID -like "Enter SID here"' -IncludeDeletedObjects -Properties samaccountname,displayname,objectsid

Example

get-adobject -Filter 'isdeleted -eq $true -and name -ne "Deleted Objects" -and objectSID -like "S-1-5-21-1601936709-1892662786-3840804712-315762"' -IncludeDeletedObjects -Properties samaccountname,displayname,objectsid

Cheers!

1 comment:

  1. This was great, exactly what I needed! Thanks

    ReplyDelete