I recently had to troubleshoot why a DNS record disappeared. My first thought was DNS scavenging (even though it shouldn’t delete active records). As a first step, I wanted to find the deleted record in AD since AD will tombstone records prior to actively deleting them, that should be doable.
A little research and this is what I found:
- Open LDP.exe
- Connect and Bind to your domain
- Select View | Tree and for BaseDN: enter CN=Deleted Objects,DC=Contoso,DC=com
- Browse at all the deleted objects