Initially introduced as an optional feature in Windows Server 2008 R2, the Active Directory Recycle Bin alters the way deleted objects are managed in your AD database. It creates a hidden container in your domain tree, storing deleted objects for a set period before permanently removing them. This feature enhances AD’s robustness, enabling swift and efficient recovery of deleted users, groups, computers, and organizational units without relying on backup tools, restarting AD Domain Services, or rebooting domain controllers.
Note:
If your organization has multiple Domain Controllers, you only need to enable the Active Directory Recycle Bin on one Domain Controller. This change will propagate across the entire forest.
Steps to Enable Active Directory Recycle Bin
- Sign in on the Domain Controller: Log in with an account that has the necessary administrative privileges.
- Start Server Manager: Open the Server Manager from the start menu.
- Open Active Directory Administrative Center: Click on Tools and select Active Directory Administrative Center from the dropdown menu.
- Enable Recycle Bin:
- Navigate to your domain within the Active Directory Administrative Center.
- In the Tasks pane, click on Enable Recycle Bin.
Note: Once the Recycle Bin is enabled, it cannot be disabled.
- Navigate to your domain within the Active Directory Administrative Center.
- Confirm the Action:
- A confirmation dialog will appear. Click OK to proceed.
- Another confirmation dialog will appear. Click OK again.
- A confirmation dialog will appear. Click OK to proceed.
- Verify the Change:
- Click the refresh icon in the Active Directory Administrative Center.
- Ensure that the Enable Recycle Bin option is now greyed out, indicating that it is active.
You have successfully enabled the Active Directory Recycle Bin on your Windows Server.
How to Recover Objects with the Active Directory Recycle Bin?
If you want to recover an object from the recycle bin, you need to open the Active Directory Administrative Center and then double click on the “deleted objects” folder to open it . Here you can explore the list of deleted objects to find the deleted object state you wish to restore.
Conclusion
Enabling the Active Directory Recycle Bin is a crucial step to ensure that you can easily recover deleted objects in your AD forest. Always make sure it is enabled after setting up your Domain Controller.