Windows Server 2016: Active Directory Recycle Bin

KB ID 0001389

Problem

To be honest we have had the capability to recover deleted active directory objects for ages. It’s just in Windows 2016 things look a bit neater.

Enable Active Directory Recycle Bin

From Server Manager > Tools > Active Directory Administrative Center ,> {Domain-Name} > Enable Recycle Bin.

OK

Note: You may need to restart ADAC before you will be able to see the option greyed out.

Enable Active Directory Recycle Bin with PowerShell

From an administrative PowerShell window;

[box]

Enable-ADOptionalFeature ñIdentity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=domainx,DC=net' ñScope ForestOrConfigurationSet ñTarget 'domainx.net'

[/box]

Restore an AD Object From the Recycle Bin

I’ve deleted a user , and I want to restore him. From Server Manager > Tools > Active Directory Administrative Center > {Domain-Name} > Deleted Objects.

Locate the deleted object > Restore.

Restore an AD Object From the Recycle Bin with PowerShell

First let’s make sure the item is there to restore!

[box]

Get-ADObject -filter {displayname -eq "Pete Long"} -includedeletedobjects

[/box]

Now we’ve found our deleted user, to restore them, use the same command but ‘pipe’ it to a Restore-ADObject commandlet.

[box]

Get-ADObject -filter {displayname -eq "Pete Long"} -includedeletedobjects | Restore-ADObject

[/box]

 

Related Articles, References, Credits, or External Links

NA

Leave a Reply

Your email address will not be published. Required fields are marked *