When you use the Ldp.exe program or the Ldifde.exe program to display attributes about a deleted user account when the Active Directory Recycle Bin feature is enabled in Windows Server 2008 R2, the "memberOf" attribute data will not show any groups. Other attribute data is displayed correctly.
To work around this problem, use the Active Directory PowerShell cmdlet "Get-ADObject" to correctly show group membership information on deleted objects when you use the Active Directory Recycle Bin feature.
For example, to correctly show group membership information on deleted objects, open a command prompt and then change to the PowerShell directory. At the command prompt, type the following commands and then press ENTER after each command:
Microsoft has confirmed that this is a problem in the Ldp.exe program and the Ldifde.exe program in Windows Server 2008 R2.
For more information about the Active Directory Recycle Bin feature, see the Active Directory Recycle Bin Step-by-Step Guide. To see the Active Directory Recycle Bin Step-by-Step Guide, visit the following Microsoft TechNet Web site: