{"id":4054,"date":"2015-09-03T08:23:14","date_gmt":"2015-09-03T13:23:14","guid":{"rendered":"http:\/\/www.poweradmin.com\/blog\/?p=4054"},"modified":"2015-08-14T09:16:19","modified_gmt":"2015-08-14T14:16:19","slug":"restoring-deleted-objects-from-active-directory-using-ad-recycle-bin","status":"publish","type":"post","link":"https:\/\/www.poweradmin.com\/blog\/restoring-deleted-objects-from-active-directory-using-ad-recycle-bin\/","title":{"rendered":"Restoring deleted objects from Active Directory using AD Recycle Bin"},"content":{"rendered":"

Windows Server 2008 R2 introduced a new way in which deleted objects can be recovered within an Active Directory infrastructure. This new feature added the so called AD Recycle Bin<\/i> which enables Administrators to easily recover deleted objects. Before the Active Directory Recycle Bin was introduced, the restoration process of deleted objects was a painful and difficult process. There were two methods that could be used to recover objects, but each of them had a drawback:<\/span><\/p>\n

\u00b7 Using ntdsutil<\/i> command line tool \u2013 the problem with this method was that you had to reboot the Domain Controller into DSRM (Directory Services Restore Mode)<\/i> which made your server unavailable for a period of time. This process was tricky if the DC was running in a production environment so taking it down for a while had some consequences.<\/span><\/p>\n

\u00b7 Using tombstone<\/i> reanimation \u2013 a difficult method that enabled you to recover deleted objects from CN=Deleted Objects<\/i>. To find out more about this restoration method, check out this<\/a> article. I\u2019ve never actually used this process because I usually worked in environments hosting multiple DC for data redundancy and I\u2019ve always preferred the first method.<\/span><\/p>\n

In Windows Server 2008 R2 you would have been able to restore objects by using Windows PowerShell only. With the release of Windows Server 2012, this feature has been included into Active Directory Administrative Center<\/i> and you can easily recover objects using this console.<\/span><\/p>\n

Note that by default, Active Directory Recycle Bin is not enabled in Windows Server 2012. You can use Active Directory Administrative Center<\/i> to restore objects that were deleted after this feature was enabled. For older objects you can still use the methods mentioned previously. This feature can be enabled if Domain Controllers run either Windows Server 2008 R2<\/i> or Windows Server 2012<\/i> and if the forest functional level is set to Windows Server 2008 R2<\/i> or higher.<\/span><\/p>\n

To view your forest functional level use the Get-ADForest<\/i> cmdlet, if you are running a lower version, use the Set-ADForestMode -Identity ppscu.com -ForestMode Windows2012Forest <\/i>command to change it to a higher level:<\/span><\/p>\n

\"get-adforest\"<\/a><\/p>\n

There are two ways in which you can enab<\/i><\/span>le<\/i> AD Recycle Bin<\/i>:<\/span><\/p>\n

\u00b7 Using the Active Directory Administrative Center<\/i> console: open the console, navigate to the domain\u2019s name section, right click<\/i> the domain and select Enable Recycle Bin<\/i>:<\/span><\/p>\n

\"active<\/a><\/p>\n

\u00b7 Using Windows PowerShell: use the Get-ADOptionalFeature -Filter *<\/i> cmdlet to list AD Optional Features:<\/span><\/p>\n

\"get-adoptionalfeature\"<\/a><\/p>\n

Now use Enable-ADOptionalFeature \u2018Recycle Bin Feature\u2019 -Scope ForestOrConfigurationSet -Target ppscu.com -Server WinSrv1<\/i> to enable it on your DC. Note that this operation is irreversible and you will be prompted during the configuration process:<\/span><\/p>\n

\"enable-adoptionalfeature\"<\/a><\/p>\n

Once this feature has been enabled, create a test user account and then delete it. Now navigate to the Deleted Objects OU<\/i> to view its content:<\/span><\/p>\n

\"active<\/a><\/p>\n

Deleted objects will appear under this Organizational Unit, to restore an object from it, simply click on the Restore<\/i> (to restore to the same OU) or Restore To<\/i> (to specify the restoration location) buttons:<\/span><\/p>\n

\"active<\/a><\/p>\n

You can perform a similar operation using Windows Powershell. Execute Get-ADObject -filter \u2018isdeleted -eq $true -and name -ne \u201cDeleted Objects\u201d\u2018 -includeDeletedObjects -property *<\/i> to view AD deleted objects:<\/span><\/p>\n

\"get-adobject<\/a><\/p>\n

Once you\u2019ve noted the display name of the deleted object, use Get-ADObject -Filter {DisplayName -like \u2018dan popi\u2019} -IncludeDeletedObjects | Restore-ADObject<\/i> to restore the user account:<\/span><\/p>\n

\"get-adobject<\/a><\/p>\n

By default, if an object has been deleted, it can be recovered within a 180 days interval. This value is specified in the msDS-DeletedObjectLifetime <\/i>attribute. However, if you want to change this value, you can use the following command:<\/span><\/p>\n

Set-ADObject -Identity \u201cCN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=ppscu,DC=com\u201d \u2013Partition \u201cCN=Configuration,DC=ppscu,DC=com\u201d \u2013Replace:@{\u201cmsDS-DeletedObjectLifetime\u201d = 200}<\/i><\/span><\/p>\n

As you can see, the restoration process of deleted objects has been significantly simplified in Windows Server 2012. You can now use the Active Directory Administrative Center console to perform this operation really fast. I like the way Microsoft implemented Active Directory Recycle Bin feature in this Windows Server Edition because it makes System Administrators life much easier. I think that you should enable this feature whenever possible if your enterprise security policy allows you to do so because human error can occur and being able to restore deleted objects fast is crucial in a production environment. Hope this article will serve you will in better understanding the way Recycle Bin feature can be used in Windows Server 2012. For any questions fell free to use our comments section. Wish you all the best!<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Windows Server 2008 R2 introduced a new way in which deleted objects can be recovered within an Active Directory infrastructure. This new feature added the so called AD Recycle Bin which enables Administrators to easily recover deleted objects. Before the Active Directory Recycle Bin was introduced, the restoration process of deleted objects was a painful […]<\/p>\n","protected":false},"author":4,"featured_media":4056,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,9,8],"tags":[],"class_list":["post-4054","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-how-to","category-technical","category-windows"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4054","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/comments?post=4054"}],"version-history":[{"count":1,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4054\/revisions"}],"predecessor-version":[{"id":4063,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/posts\/4054\/revisions\/4063"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media\/4056"}],"wp:attachment":[{"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/media?parent=4054"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/categories?post=4054"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.poweradmin.com\/blog\/wp-json\/wp\/v2\/tags?post=4054"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}