The new recycle bin option in Windows 2008 R2 is a godsend for any admin who might accidentally delete an AD object by mistake. For some strange reason it’s not turned on by default and there are a number of steps needed to get it going.
Technet details most of it quite well but I thought I would create a quick and dirty guide for those of you just want to skip to the “good parts” ;)
1. Start a PowerShell console and type “import-module ActiveDirectory”
2. Raise the forest functional level to W2008R2 using PowerShell:
Set-ADForestMode –Identity domain.com -ForestMode Windows2008R2Forest
3. Enable the Recycling Bin using:
Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=domain,DC=com’ –Scope Forest –Target ‘domain.com’
….that was the easy part.
In Part 2 I will explain how to actually view the deleted objects and restore them.