One of our admin deleted a bunch of migration session and I can no longer undo a migrated user.
How can I undo a migrated user if it's migration session is deleted ?
What are my options ?
Hi There,
This isn't generally something that we do not send out without our support team on board, but the process is fairly harmless, just ensure you have a good backup of ADLDS
Before performing this procedure, please make sure QMM and RUM are closed.
A deleted domain pair is still present in the ADAM database. To restore this domain pair, use ADAM ADSI Edit:
Open ADAM ADSI Edit, right-click the root of the tree and select "connect to". In the dialog that appears, specify the ADAM server and port, select "Distinguished Name (DN) or Naming context:", and entering cn=[qmm project name]. You may also need to enter credentials in this dialog if your currently logged in credentials do not have rights.
Open the project tree, and open the "CN=AMMProject_[GUID]" node, then the "CN=Projects" node. Under this node there will be a number of nodes (depending on the number of domain pairs) named "CN=[GUID]". Right-click each of these and click "properties", and look for the attribute "aelita-Amm-Name" attribute. This stores the name of the domain pair. Look at each node's properties until you find the deleted domain pair.
When the deleted domain pair's node has been found, it will have an attribute "aelita-Amm-Deleted" set to TRUE. Double-click this attribute and select "Not Set", click OK, and click OK on the properties dialog box.
Next, expand the selected node. Under this node there will be two CN=[GUID] nodes. View the properties of each. One should have an "aelita-Amm-Name" attribute of "Migration", and the other "Synchronization". For each of these, set the "aelita-Amm-Deleted" attribute to "Not Set", and click OK to apply the changes.
Launch QMM. You will now see the deleted domain pair, and will be able to perform resource updating based on the account mappings from this domain pair.
WOW, this is way past my comfort zone. Should I contact support for this ?
How do I backup the ADAM database ? If suddenly I feel Courageous enough and decide to do it myself
AD LDS is backed up as part of the system state OS backup. Quest Recovery Manager for Active Directory can also backup and restore AD LDS.
Hello Luke,
So I went ahead and I logged to the database with ADSI edit as unstructed.
I verified that the aelita-Amm-Deleted is set to "not set" all the way to the migration session as follows and my migration session did no reappear in the QMM console:
CN=MyMigrationProject
CN=AMMProject_[GUID]" - aelita-Amm-Deleted is set to "not set"
CN=Projects
CN=C6F0A.... (this is my domain pair that contains deleted migration session) - aelita-Amm-Deleted is set to "not set"
CN= 0A1B01... (This is my migration node) - - aelita-Amm-Deleted is set to "not set"
I noticed that Under the migraiton node, there are 3 other nodes:
1-CN=Map_2622...
2-CN=Roles_2622..
3-CN=SessionContainer
Is my deleted migraiton session stored under 1 of the 3 nodes ?
The value of Aelita-amm-deleted needs to be FALSE, instead of NOT SET
I think that article is incorrect.
Do it with QMM closed, and then close adsiedit, and finally open console. if this doesn't help, please feel free to open a support call.
