Can Passwords and SID History be restored during an Online Restore?
To restore password and SID history, use the agent based restore method (uncheck agentless). The agentless method uses LDAP calls to restore attributes, and password and SIDHistory cannot be written using LDAP calls.
The password and SID history is not stored in the tombstone by default. These attributes exist in the backup file and therefore require a valid backup to perform a restore. The schema can be modified to include these attributes in the tombstone but this is a change that would only affect deleted objects after the change has been made. Recovery Manager for AD includes a tool to make this modification easy to perform. The tool is called "Password and SIDHistory Recoverability" and can be found within the Recovery Manager for Active Directory section of the Programs menu.
© 2024 Quest Software Inc. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center