ADRestore.NET is a third-party tool and is not hosted by Microsoft. It can be found on several legacy freeware archives and tech community blogs. Always ensure you download from a reputable source and scan the file with antivirus software before running it.
Why would you choose the GUI version over the original command-line tool? Here are the definitive features:
What your domain controllers are running.
Although the Active Directory Recycle Bin has largely superseded the need for tombstone reanimation tools in modern Windows Server environments, ADRestore.NET's legacy is significant. For anyone managing a legacy Windows Server 2003 domain, or for those who simply prefer a point-and-click interface over a command line, ADRestore.NET remains a reliable, lightweight, and effective tool for those "oops" moments in Active Directory management.
is the graphical user interface (GUI) companion to the classic Microsoft Sysinternals ADRestore command-line tool. Created by Guy Teverovsky, it simplifies "tombstone reanimation"—the process of recovering Active Directory objects that have been deleted but not yet purged from the database. Key Features & Benefits adrestorenet the gui version of adrestore
Open Active Directory Users and Computers (ADUC) and verify that the object has returned to its lastKnownParent container. Conclusion
The main window will display all deleted (tombstoned) objects within the domain. The list can be filtered using the text boxes above each column to narrow down the results.
Is the currently enabled or disabled?
If you deleted an entire Organizational Unit (OU) containing user accounts, you must restore the OU first, then restore the child objects (users/computers). 5. Verify the Restoration ADRestore
. Developed by Guy Teverovsky, it provides a user-friendly alternative to the original command-line Sysinternals ADRestore tool Key Features of ADRestore.NET Visual Browsing
When an object becomes a tombstone, Active Directory strips away non-essential attributes to save database space. Restoring a user via ADRestoreNET will successfully recover their Security Identifier (SID) and login credentials, but group memberships, email addresses, manager details, and telephone numbers are permanently lost and must be rebuilt manually.
– Before restoring an object, you can view its attributes (such as objectGUID , objectSid , lastKnownParent , etc.). This preview helps confirm you are restoring the correct object, especially when multiple similar objects are present in the tombstone list.
MIT / Free for internal enterprise use – no telemetry, no ads. Why would you choose the GUI version over
Use dedicated fields at the top of columns to find specific deleted objects by name or type—essential for large directories.
The core principle behind both tools is the same: they leverage the Active Directory "tombstone" mechanism. When an object is deleted from AD, it is not immediately and permanently removed from the database. Instead, it is marked for deletion with an attribute called an "isDeleted" marker and moved to a special "Deleted Objects" container. This "tombstoned" object remains in this state for a specific period (60 days in older Windows 2000/2003 environments, or 180 days in newer ones), after which it is permanently purged. ADRestore.NET allows an administrator to browse this "Deleted Objects" container and "reanimate" these tombstoned objects, bringing them back to their original location without needing a full system state backup.
It is ideal for junior administrators or those who prefer GUI tools over command-line interfaces, reports 4sysops .