Active Directory Recycle Bin provides the ability to restore Active Directory objects to the same consistent logical state they were in before deletion. For example, restoring a user account automatically restores all of its group memberships and the matching access rights it had.
To restore an object, Active Directory Recycle Bin must have been enabled at the time of the deletion.
By default, the Recycle Bin is disabled.
Before enabling the Recycle Bin, consider the following:
- To enable the Recycle Bin, you must first raise the forest functional level to Windows Server 2008 R2 or higher.
- The process of enabling Active Directory Recycle Bin is irreversible.
This post shows how to enable Active Directory Recycle Bin and how to restore an object with it.
Enable Active Directory Recycle Bin
Enabling Recycle Bin in ADAC
1) Open ADAC by typing dsac.exe in the Run line.
2) Select the appropriate domain from the left panel of the screen. To add a domain, click Manage, click Add Navigation Nodes, and select the appropriate domain in the dialog box.
3) In the Tasks panel on the right, click Enable Recycle Bin…
4) Click OK on the warning message box.
5) Refresh ADAC by pressing F5.
Enabling Recycle Bin with PowerShell
Open PowerShell and run the following command as a single line:
Enable-ADOptionalFeature -Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=Direct-Lab,DC=local' -Scope ForestOrConfigurationSet -Target 'Direct-Lab.local'
Restoring deleted objects
Restoring deleted objects via ADAC
1) Open ADAC by typing dsac.exe in the Run line.
2) Select the appropriate domain from the left panel of the screen. To add a domain, click Manage, click Add Navigation Nodes, and select the appropriate domain in the dialog box.
3) Navigate to the Deleted Objects container.
4) Select the appropriate user. In the Tasks panel, click Restore to restore the user to the original container, or click “Restore To…” to select the container that will hold the user after the restore.
Restoring deleted objects via PowerShell
Open PowerShell and run one of the following commands. The filter selects the deleted objects whose name contains "Direct".
To restore to the original container:
Get-ADObject -Filter 'Name -like "*Direct*"' -IncludeDeletedObjects | Restore-ADObject
To restore to a specified container, add -TargetPath:
Get-ADObject -Filter 'Name -like "*Direct*"' -IncludeDeletedObjects | Restore-ADObject -TargetPath "OU=DirectOU,DC=Direct-Lab,DC=local"
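A guarded version of the two PowerShell procedures above (enabling, then restoring), added here as an example and not part of the original post: it verifies the forest functional level, checks whether the feature is already enabled, and previews every change with -WhatIf. The forest name and name filter are the post's lab values; the parent check assumes the "\0ADEL:" marker that Active Directory places in the distinguished name of a deleted object.

```powershell
# Added example. Lab values from the post: Direct-Lab.local, "*Direct*".
Import-Module ActiveDirectory

$forestName = 'Direct-Lab.local'
$nameFilter = '*Direct*'

# 1. Prerequisite: forest functional level Windows Server 2008 R2 or higher.
$forest  = Get-ADForest -Identity $forestName
$minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $minimum) {
    throw "Forest mode is $($forest.ForestMode); raise it before enabling the Recycle Bin."
}

# 2. Enabling is irreversible, so check the current state and preview first.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -gt 0) {
    Write-Output 'Recycle Bin is already enabled.'
} else {
    # -WhatIf only reports what would change; remove it to enable for real.
    Enable-ADOptionalFeature -Identity $feature -Scope ForestOrConfigurationSet `
        -Target $forestName -WhatIf
}

# 3. List matching deleted objects with their original location.
$filter  = 'isDeleted -eq $true -and Name -like "{0}"' -f $nameFilter
$deleted = Get-ADObject -Filter $filter -IncludeDeletedObjects `
    -Properties lastKnownParent, whenChanged
$deleted | Sort-Object whenChanged |
    Format-Table ObjectClass, ObjectGUID, lastKnownParent, whenChanged -AutoSize

# 4. Preview each restore. A parent that is itself deleted carries the
#    "\0ADEL:" marker in its DN; the child cannot go back until the parent is
#    restored (or -TargetPath is used).
foreach ($obj in $deleted) {
    if ($obj.lastKnownParent -match '\\0ADEL:') {
        Write-Warning "$($obj.ObjectGUID): parent is deleted; restore it first or use -TargetPath."
        continue
    }
    Restore-ADObject -Identity $obj.ObjectGUID -WhatIf   # remove -WhatIf to restore
}
```

Reviewing the table from step 3 before removing -WhatIf matters because the name filter can match more deleted objects than the one you intend to bring back.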
This post was written by Direct Experts.
Phone: +972-73-727-4010 | Email: info@direct-ex.co.il | Web: www.direct-ex.co.il