The process of recovering deleted objects, including their group memberships, is very complex, and differs between operating systems. There are several methods available to do this, but in order to fully understand why these methods are so complex, we need to understand a little more about AD and its way of storing and deleting data and objects.
Phantom objects are objects within your AD that you cannot view through any AD viewer or LDAP query. They are created more as low-level tracking objects than anything else, within the AD database.
Phantoms are created when, for example, you add a user from another domain to a group within nailcorp.com. Because since the AD needs to know to where it should reference the object, a phantom object is automatically created, which serves as kind of a forward link towards the object in the other domain. Put simply, they are object reference objects that are automatically created by AD. For more in-depth information regarding...