How to Enable Active Directory Recycle Bin with PowerShell and GUI?

Posted in Articles, MCSA, Servers • 8 months ago • Written by Shais

In Windows Server 2008 R2, the Active Directory Recycle Bin is disabled by default. You cannot recover deleted objects unless the Active Directory Recycle Bin is enabled. If you want to protect your Active Directory environment against unrecoverable object deletions, first enable the Active Directory Recycle Bin. To do this, the AD forest functional level must be set to Windows Server 2008 R2.

Related: Enable AD Recycle Bin in Server 2012 and 2016 using Active Directory Administrative Center

Enable Active Directory Recycle Bin with PowerShell

Let's go step by step, using the method Microsoft recommends: a Windows PowerShell command. Run PowerShell and import the Active Directory module: type 'Import-Module ActiveDirectory' and press Enter, as in the screenshot.

Import Active Directory Module for Windows PowerShell

Now type the following PowerShell command to enable the Recycle Bin in Active Directory.

Enable-ADOptionalFeature -Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,dc=one,dc=local' -Scope ForestOrConfigurationSet -Target one.local

Enable Active Directory Recycle Bin

Do the same as in the screenshot and type Y to confirm.

Note: Remember that this action is not reversible; you cannot disable the Recycle Bin once it has been enabled in the Active Directory environment.

The Active Directory Recycle Bin has now been enabled successfully. The next step is to learn how to recover deleted objects.

Recover Deleted Objects of Active Directory Using PowerShell

To recover deleted objects, first list them with the 'Get-ADObject' PowerShell command. Type the following command to display all deleted objects.

Get-ADObject -Filter {(isDeleted -eq $true) -and (name -ne "Deleted Objects")} -IncludeDeletedObjects

Display Deleted Active Directory Objects

The output lists the deleted Active Directory objects. You can now restore them with the 'Restore-ADObject' command.

To restore them, pipe the same query into Restore-ADObject with the command below.

Get-ADObject -Filter {(isDeleted -eq $true) -and (name -ne "Deleted Objects")} -IncludeDeletedObjects | Restore-ADObject

Restore Deleted Objects In Active Directory Windows Server 2008 R2

That is all. Open the Active Directory Users and Computers console and you will see the restored object.

Recovered Active Directory Objects
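
The pipeline above restores every deleted object the filter returns. As an added example (not part of the original article), the script below narrows the restore to a single object and previews it with -WhatIf before changing anything; the name 'Jane Doe' and the OU 'OU=Staff,DC=one,DC=local' are assumed placeholder values.

```powershell
Import-Module ActiveDirectory

# Assumed placeholder values (not from the article): the object to recover.
$DeletedName    = 'Jane Doe'
$ExpectedParent = 'OU=Staff,DC=one,DC=local'

# EnabledScopes is empty while the Recycle Bin feature is still disabled.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if (-not $feature.EnabledScopes) {
    throw 'Active Directory Recycle Bin is not enabled in this forest.'
}

# Same query as the article, plus the attributes that identify each deleted object:
# msDS-LastKnownRDN holds the pre-deletion name, lastKnownParent the original container.
$deleted = Get-ADObject -Filter {(isDeleted -eq $true) -and (name -ne "Deleted Objects")} `
    -IncludeDeletedObjects -Properties 'msDS-LastKnownRDN', lastKnownParent, whenChanged

# Narrow the result on the client side to the one object we want back.
$targets = @($deleted | Where-Object {
    $_.'msDS-LastKnownRDN' -eq $DeletedName -and $_.lastKnownParent -eq $ExpectedParent
})

if ($targets.Count -eq 0) {
    throw "No deleted object named '$DeletedName' was found under '$ExpectedParent'."
}

# Review exactly what would be restored; -WhatIf makes no changes.
$targets | Format-Table 'msDS-LastKnownRDN', ObjectClass, lastKnownParent, whenChanged, ObjectGUID
$targets | Restore-ADObject -WhatIf

# After reviewing the preview, restore only the most recently deleted match.
$newest = $targets | Sort-Object whenChanged -Descending | Select-Object -First 1
$newest | Restore-ADObject -Confirm
```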

Hope this article helps you restore deleted Active Directory objects quickly in your Active Directory environment.


About this Author
Shais

I'm a network and Information Security instructor. Here is my online pictorial notebook. I would like to write and share my experience through this website for computer enthusiasts and technology geeks.
