Share via

Run an LDIF file to recover back-links

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

Ntdsutil in Windows Server 2003 Service Pack 1 (SP1) provides new functionality for performing authoritative restore of objects that have back-links.

The output of the authoritative restore procedure includes the name of an LDAP Data Interchange Format (LDIF) (.ldf) file that contains the forward-links that are required so that the group memberships (back-links) of any restored user, group, or computer objects can be recovered. For each object or subtree that you restore, you must run the LDIF file on a domain controller in each domain that might have group objects that are required to recover back-links on the restored objects.


This procedure is critical for recovering group memberships for deleted users, groups, or computers, but it applies to any restored objects that have back-link attributes.

Administrative credentials

To perform this procedure, you must be a member of the Domain Admins group in the domain of the domain controller on which you run the command.

  1. Open a command prompt and change directories, if necessary, to the directory of the .ldf file and its respective log files.

  2. At the command prompt, type the following command, and then press ENTER:

    ldifde -i -k -f FileName

    • FileName
      The name of the .ldf file that you want to run, for example,

See Also


Create an LDIF file for recovering back-links for authoritatively restored objects