Windows Server 2016

Enable Windows Server 2016 Active Directory Recycle Bin

Let's take a look at a couple of methods to enable windows server 2016 active directory recycle bin, a feature that allows easy restores of deleted objects
Brandon LeeMarch 6, 2017Last Updated: April 2, 2024
2 minutes read
recycle16_02c
recycle16_02c

In our last post, we talked about the Active Directory Administrative Center in Windows Server 2016. ย ADAC is a great way to interface with Active Directory with a task oriented GUI interface. ย One of the things we can do from the ADAC interface is turn on the Active Directory recycle bin feature for Active Directory. Active Directory Recycle Bin makes it much easier to recover accidentally deleted objects over legacy reanimation of tombstoned objects. ย Let’s take a look at how to enable Windows Server 2016 Active Directory Recycle Bin using ADAC as well as PowerShell.

Enable Windows Server 2016 Active Directory Recycle Bin

Before thinking about enabling the Active Directory Recycle Bin feature, you need to be a member of the Enterprise Admins group to successfully enable the option. ย Let’s look first at doing this using the Active Directory Administrative Center or ADAC to enable the recycle bin. ย To launch ADAC, simply typeย dsac.exe. ย Notice over in the right hand column theย Enable Recycle Bin link.

recycle16_01

Once you click theย Enable Recycle Bin link, you will see the warning about the gravity of what you are going to do. ย This operation is irreversible, so you can expect to see such a warning. ย However, the AD recycle bin is definitely a worth feature to enable.

recycle16_02

After enabling the feature, you will see the notice that the process to enable the feature has begun. ย Replication of course will need to replicate this to all the DCs in the forest.

recycle16_02b

After you refresh the ADAC interface, you will now see theย Enable Recycle Bin link is greyed out.

recycle16_02c

Using PowerShell to Enable

Using PowerShell to enable the Active Directory Recycle Bin is equally as painless. ย You use the following commandlet:

Enable-ADOptionalFeature โ€“Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=testlab,DC=local' โ€“Scope ForestOrConfigurationSet โ€“Target 'testlab.local'

You also receive the notice in PowerShell to confirm the action.

recycle16_03

Testing

I have created aย testuser account in aย TestOU container. ย Let’s simulate an accidental deletion. ย As you can see, I am about to delete the testuser account.

recycle16_04

It is now gone!

recycle16_04b

Restoring Deleted Object

To restore the object, we need to be a member of at least the Domain Admins group. ย To restore a deleted object,ย we again utilize PowerShell. ย You can see the deleted objects by running the following commandlet:

get-adobject -filter {displayname -eq "testuser"} -includedeletedobjects

As expected, I see theย testuser account.

recycle16_05

To restore the object we can simply run the commandlet:

get-adobject -filter {displayname -eq "testuser"} -includedeletedobjects | Restore-ADObject

The object is restored in PowerShell with little fanfare.

recycle16_06

A quick refresh of the ADUC interface once again shows theย testuser object.

recycle16_07

Thoughts

The process to enable Windows Server 2016 Active Directory Recycle Bin is very straightforward. ย In this example we took a look at using either ADAC or PowerShell to enable the feature. ย Both methods are easy however, some may prefer the graphical interface over the PowerShell commandline.

Brandon LeeMarch 6, 2017Last Updated: April 2, 2024
2 minutes read

Subscribe to VirtualizationHowto via Email ๐Ÿ””

Enter your email address to subscribe to this blog and receive notifications of new posts by email.



Photo of Brandon Lee

Brandon Lee

Brandon Lee is the Senior Writer, Engineer and owner at Virtualizationhowto.com, and a 7-time VMware vExpert, with over two decades of experience in Information Technology. Having worked for numerous Fortune 500 companies as well as in various industries, He has extensive experience in various IT segments and is a strong advocate for open source technologies. Brandon holds many industry certifications, loves the outdoors and spending time with family. Also, he goes through the effort of testing and troubleshooting issues, so you don't have to.

Related Articles

adds2016_01

Prepare Active Directory Windows Server 2016 DC Adprep

October 6, 2016
wsus16_18

Install and Configure Windows Server 2016 WSUS

May 16, 2017
w2012dc16up11b

Upgrade Windows Server 2012 R2 Domain Controller to Windows Server 2016

November 29, 2016
smtp2016_01

Add SMTP Windows Server 2016

January 13, 2016

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© Copyright 2024, All Rights Reserved  | VirtualizationHowto.com