Configuring Active Directory Recycle Bin in Windows Server 2012
The Active Directory Recycle Bin is a long-awaited feature from Microsoft, introduced in Windows Server 2008 R2, for recovering accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (AD DS), or rebooting a domain controller. Deleted objects are preserved in the recycle bin for a period that matches the tombstone lifetime of the forest. This is 180 days by default. In practice the feature is less impressive, because enabling it requires Windows PowerShell and the Ldp.exe LDAP utility, which not all levels of Windows administrators are comfortable with. It also requires the forest functional level to be at least Windows Server 2008 R2. Once we enable the Active Directory Recycle Bin feature, we will not be able to disable it.
In Windows Server 2012, Microsoft made some improvements to the Active Directory Recycle Bin: it is no longer necessary to use Windows PowerShell or Ldp.exe to enable it. It can simply be enabled from Active Directory Administrative Center. Even with these improvements, organizations will still not find it acceptable to enable this feature, because once we enable the Active Directory Recycle Bin we will not be able to disable it on Windows Server 2012. I hope Microsoft will fix this issue in the near future.
To Enable the Active Directory Recycle Bin:
1. Open Server Manager and, on the Tools menu, click Active Directory Administrative Center.
2. In the navigation pane, click msserverpro(local). In the Tasks pane on right side, click Enable Recycle Bin.
3. In the Enable Recycle Bin Confirmation dialog box, click OK.
4. In the Active Directory Administrative Center dialog box, click OK.
5. On the menu bar, click the Refresh icon. Note that a Deleted Objects container now appears.
Delete User Objects:
1. Open Active Directory Users and Computers, select the required OU (HR Department), select all users under the HR Department OU, and click Delete. In the Delete Confirmation dialog box, click Yes.
Restore Deleted Objects:
1. Open Active Directory Administrative Center.
2. In the navigation pane, select msserverpro(local), then in the center pane, double-click Deleted Objects.
3. In the navigation pane under Deleted Objects, hold the Ctrl key and select all the deleted users. In the Tasks pane on the right side, click Restore to restore the objects to their original location.
5. In the navigation pane, under msserverpro(local), select the HR Department OU and make sure that all deleted objects are restored. Alternatively, open Active Directory Users and Computers to confirm that all deleted objects are restored.
In Windows Server 2012, we can recover deleted objects easily through Active Directory Administrative Center. This simplifies the recovery of Active Directory objects that were accidentally deleted. I hope this helps.
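The same enable and restore procedure in Windows PowerShell, as an added example that is not part of the original post. It assumes the ActiveDirectory module is installed, that the HR Department OU sits directly under the domain root, and that the account running it has forest-wide administrative rights for the enable step.

```powershell
# Added example, not from the original article.
Import-Module ActiveDirectory

$forest = Get-ADForest
$domain = Get-ADDomain

# Prerequisite named in the article: forest functional level of at least
# Windows Server 2008 R2. Stop early instead of failing halfway through.
$minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $minimum) {
    throw "Forest functional level is $($forest.ForestMode); at least $minimum is required."
}

# EnabledScopes is empty while the Recycle Bin is still disabled.
$feature = Get-ADOptionalFeature -Filter "Name -eq 'Recycle Bin Feature'"
if (-not $feature.EnabledScopes) {
    # This cannot be undone, so the default confirmation prompt is left in
    # place and the operator has to acknowledge the change.
    Enable-ADOptionalFeature -Identity $feature.DistinguishedName `
        -Scope ForestOrConfigurationSet -Target $forest.Name
}

# Assumption: the OU from the article is directly under the domain root.
$ouDn = "OU=HR Department,$($domain.DistinguishedName)"

# Deleted objects keep their previous parent in lastKnownParent, which lets
# the restore be limited to users that were removed from this one OU.
$deleted = Get-ADObject -IncludeDeletedObjects -Filter 'isDeleted -eq $true' `
        -Properties lastKnownParent, 'msDS-LastKnownRDN', whenChanged |
    Where-Object { $_.ObjectClass -eq 'user' -and $_.lastKnownParent -eq $ouDn }

# Review what would be restored before changing anything.
$deleted |
    Select-Object 'msDS-LastKnownRDN', lastKnownParent, whenChanged |
    Format-Table -AutoSize

# Restore-ADObject puts each object back under its lastKnownParent.
# -WhatIf only reports the action; remove it once the list looks right.
$deleted | Restore-ADObject -WhatIf
```

Objects deleted before the Recycle Bin was enabled are not recoverable this way, so the enable step has to precede the deletion it is meant to protect against.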