TECHNIG
Gateway for IT Experts and Tech Geeks

How to Enable Active Directory Recycle Bin with PowerShell and GUI?

In Windows Server 2008 R2, the Active Directory Recycle Bin is disabled by default. Without it enabled, you cannot recover deleted objects. To protect an Active Directory environment against unrecoverable deletions, first enable the Active Directory Recycle Bin. To perform this action, the AD forest functional level must be set to Windows Server 2008 R2.


Enable Active Directory Recycle Bin with PowerShell

Let's go step by step, using the method Microsoft recommends: a Windows PowerShell command. Run PowerShell and import the Active Directory module. Type 'Import-Module ActiveDirectory' and press Enter, as in the screenshot.

Import Active Directory Module for Windows PowerShell

Now type the following PowerShell command to enable the Recycle Bin in Active Directory.

Enable-ADOptionalFeature -Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,dc=one,dc=local' -Scope ForestOrConfigurationSet -Target one.local

Enable Active Directory Recycle Bin

As in the screenshot, type Y to confirm.

Note: This action is not reversible. You cannot disable the Recycle Bin once it has been enabled in the Active Directory environment.

The Active Directory Recycle Bin has now been enabled successfully. The next step is to learn how to recover deleted objects.

Recover Deleted Objects of Active Directory Using PowerShell

To recover deleted objects, first list them with the 'Get-ADObject' PowerShell command. Type the following command to display all deleted objects.

Get-ADObject -Filter {(isDeleted -eq $true) -and (name -ne "Deleted Objects")} -IncludeDeletedObjects

Display Deleted Active Directory Objects

You now see the deleted Active Directory objects. You can restore them with the 'Restore-ADObject' command.

Now try to restore with the command below. It pipes every deleted object returned by the filter to Restore-ADObject.

Get-ADObject -Filter {(isDeleted -eq $true) -and (name -ne "Deleted Objects")} -IncludeDeletedObjects | Restore-ADObject

Restore Deleted Objects In Active Directory Windows Server 2008 R2

That is all. Open the Active Directory Users and Computers console and you will see the restored object.

Recovered Active Directory Objects
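
The restore pipeline above brings back every deleted object at once, including accounts that were removed on purpose. The following is an added example, not part of the original article, that reviews the deleted objects first and restores only a chosen subset. The function name Get-DeletedADObjectReport, the 'jsmith*' name pattern and the 7-day window are assumptions made for illustration.

```powershell
# Added example: review deleted objects first, then restore only a reviewed subset.
# Assumes the ActiveDirectory module and an already-enabled Recycle Bin.
Import-Module ActiveDirectory

function Get-DeletedADObjectReport {
    param(
        [string]$NameLike = '*',                           # wildcard on the pre-deletion name
        [datetime]$ChangedAfter = (Get-Date).AddDays(-7)   # assumed 7-day review window
    )
    Get-ADObject -Filter 'isDeleted -eq $true -and name -ne "Deleted Objects"' `
                 -IncludeDeletedObjects `
                 -Properties 'msDS-LastKnownRDN', lastKnownParent, whenChanged |
        Where-Object {
            $_.whenChanged -ge $ChangedAfter -and
            $_.'msDS-LastKnownRDN' -like $NameLike
        } |
        Select-Object @{ n = 'OriginalName'; e = { $_.'msDS-LastKnownRDN' } },
                      ObjectClass,
                      LastKnownParent,
                      @{ n = 'LastChanged'; e = { $_.whenChanged } },
                      # Heuristic: a parent under "CN=Deleted Objects" is itself deleted
                      @{ n = 'ParentDeleted'; e = { $_.lastKnownParent -like '*CN=Deleted Objects,*' } },
                      ObjectGUID
}

# 1. Review: what was deleted recently, where did it live, is its parent gone too?
$candidates = Get-DeletedADObjectReport -NameLike 'jsmith*'   # 'jsmith*' is a constructed sample
$candidates | Format-Table OriginalName, ObjectClass, LastKnownParent, LastChanged, ParentDeleted

# 2. Dry run: -WhatIf prints what would be restored without changing the directory.
$restorable = $candidates | Where-Object { -not $_.ParentDeleted }
$restorable | ForEach-Object { Restore-ADObject -Identity $_.ObjectGUID -WhatIf }

# 3. Restore for real, confirming each object individually.
$restorable | ForEach-Object { Restore-ADObject -Identity $_.ObjectGUID -Confirm }
```

Objects flagged ParentDeleted are skipped because a child cannot be restored until its parent container exists again; restore the parent first, then rerun the report.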

Hope this article will help you to restore the deleted Active Directory Objects quickly in the Active Directory environment.
