BLOG Published on 2016/07/31 by Asitha De Silva in Tech-Tips

Active Directory Recycle Bin – Windows Server 2012 R2

Active Directory Recycle Bin is a feature introduced with Windows Server 2008 R2 to undo, or recover from, the deletion of an Active Directory object. With Windows Server 2012 R2, you can use this feature to recover User objects, Computer objects or Organizational groups that were accidentally or purposefully deleted from Active Directory.


The feature has been improved and is now part of the Active Directory Administrative Center, so PowerShell commands are no longer required for recovery. The Administrative Center has a GUI in which you can easily locate a deleted item and restore it to its original location with one click. This is very useful in day-to-day operations, so let's see how to enable it.


Enabling AD Recycle Bin


Before enabling this feature, check that your AD functional level supports it: the forest functional level must be Windows Server 2008 R2 or higher. Enabling is irreversible; once the Recycle Bin is enabled, you cannot disable it. Also be aware that the NTDS database will grow after you enable the Recycle Bin, because it keeps the data of deleted objects, and it will keep growing over time, so I suggest you delete unnecessary data from the bin from time to time. Enterprise Admin rights are required to access the Recycle Bin.



  1. Log in to the domain controller using Enterprise Admin credentials.
  2. Open Active Directory Administrative Center from Administrative Tools.
  3. Select the domain name and click Enable Recycle Bin in the right-side panel.
  4. Press OK in the confirmation dialog and refresh the Administrative Center.
  5. The Enable Recycle Bin option is now grayed out, and there is a new container called Deleted Objects.



How to restore an object

To test the configuration, let's create a test account, delete it, and restore it using the Administrative Center.



  1. Create a user account in an OU.
  2. Delete the account.
  3. Open Administrative Center – Deleted Objects, where you can see the deleted user account.
  4. When you right-click the deleted object, there are four options to select:
    Restore – restore the object to its original location
    Restore to – restore it to a new location
    Locate Parent – show where the object existed before the deletion
    Properties – object properties: Name, Object Class, and USN

    Right-click and select Restore.
  5. Go to the original OU, where you will find the deleted object successfully restored.
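
The same prerequisite check, enablement and restore can also be done from PowerShell. This is an added example, not part of the original post; the account name `testuser1` is a constructed placeholder for the test account deleted above.

```powershell
Import-Module ActiveDirectory

# Constructed placeholder: sAMAccountName of the test account that was deleted.
$SamAccountName = 'testuser1'

# 1. Prerequisite: forest functional level must be Windows Server 2008 R2 or higher.
$forest  = Get-ADForest
$minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $minimum) {
    throw "Forest functional level '$($forest.ForestMode)' is below Windows Server 2008 R2."
}

# 2. Enable the Recycle Bin only if it is not enabled yet.
#    EnabledScopes stays empty until the feature has been turned on.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if (-not $feature.EnabledScopes) {
    # Irreversible change, so keep the confirmation prompt.
    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
        -Scope ForestOrConfigurationSet -Target $forest.Name -Confirm
}

# 3. Find the deleted account, with its previous location and last change time.
$deleted = @(Get-ADObject -IncludeDeletedObjects `
    -Filter "isDeleted -eq `$true -and sAMAccountName -eq '$SamAccountName'" `
    -Properties lastKnownParent, whenChanged, objectClass)
$deleted | Format-Table Name, objectClass, lastKnownParent, whenChanged -AutoSize

# 4. Restore only when exactly one object matches, so the wrong object
#    (for example an older account with the same name) is never restored.
if ($deleted.Count -eq 1) {
    # Same as "Restore" in the GUI: back to the original location.
    # For "Restore to", add -TargetPath with the DN of the destination OU.
    $deleted[0] | Restore-ADObject -PassThru
} else {
    Write-Warning "Expected 1 deleted object, found $($deleted.Count); nothing restored."
}
```

Run it from a session that has the ActiveDirectory module and Enterprise Admin rights, as the GUI procedure requires.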


AD Recycle Bin is a useful tool in day-to-day operations, and it minimizes operational risk. You can delegate user operations to the help desk or junior staff, and if they make a mistake you have the option to correct it. Hope this post is useful.

Cheers

Asitha De Silva










