Wednesday, April 22, 2009

Using the Active Directory Recycle Bin in Windows 2008 R2: Part 1

The new recycle bin option in Windows 2008 R2 is a godsend for any admin who might accidentally delete an AD object by mistake. For some strange reason it’s not turned on by default and there are a number of steps needed to get it going.

Technet details most of it quite well but I thought I would create a quick and dirty guide for those of you just want to skip to the “good parts” ;)

1. Start a PowerShell console and type “import-module ActiveDirectory”

2. Raise the forest functional level to W2008R2 using PowerShell:

Set-ADForestMode –Identity domain.com -ForestMode Windows2008R2Forest

3. Enable the Recycling Bin using:

Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=domain,DC=com’ –Scope Forest –Target ‘domain.com’

….that was the easy part.

In Part 2 I will explain how to actually view the deleted objects and restore them.

No comments:

Post a Comment