I am quite sure that by now you have read my previous post on how to enable the Recycle Bin in Windows Server 2012. If not, I would request that you read it before this one, as it explains what exactly the Recycle Bin is.
How to Enable Recycle Bin in Active Directory Administrative Center
http://www.adshotgyan.com/2014/11/how-to-enable-recycle-bin-in-active.html
In this post, we will learn how to use the Recycle Bin that we enabled, which means we will try to recover deleted data with it.
In my Active Directory, I have created one OU named "Managers" and two users, "Manager1" and "Manager2".
Note: You can restore the users from the Recycle Bin using either PowerShell or the Active Directory Administrative Center. The choice is yours.
User "Manager1" and "Manager2"
The option to enable the Recycle Bin is grayed out because it is already enabled.
You can confirm whether the Recycle Bin is enabled from ADSIEDIT:
Configuration Partition -> CN=Services -> CN=Windows NT -> CN=Directory Service -> CN=Optional Features -> CN=Recycle Bin Feature
Select the option of "Backlinks"
The value of "msDS-EnabledFeatureBL" should be populated
Now, let's jump back to our Active Directory Administrative Center.
In my previous post, How to Enable Recycle Bin in Active Directory Administrative Center (http://www.adshotgyan.com/2014/11/how-to-enable-recycle-bin-in-active.html), I discussed different ways of restoring deleted objects from Active Directory. The key benefit of using the Recycle Bin is that you get back "ALL" the attributes of a deleted object, as opposed to restoring objects using LDP/ADRestore.
So, to prove this point, I will add Manager1 to one more group. Currently, Manager1 is a member of the Domain Users group; let's make it a member of the Administrators group as well.
Same with Manager2
Now let's do something destructive... Let's delete these two users, "Manager1" and "Manager2".
In the same snap-in, now when I click on "Deleted Objects", I do see "Manager1" and "Manager2"
Let's explore a few options...
In the top-right corner there is a down arrow. Clicking this down arrow gives us the "Add Criteria" option.
Click on "Add Criteria" and you will see quite a good number of options to select from...
For now, I will select "When Deleted"
Since the "When Deleted" filter has been selected, I now have the following options for selecting the date (range):
- is less than or equal to
- is greater than or equal to
- is between
- equals
- does not equal
- starts with
For example, if I select "is between", I can specify a start date and an end date, and it will list all the objects that were deleted during that time period.
Now let's explore more...
- Restore
- Restore To
- Locate Parent
- Properties
Properties
Quite Useful Information.... :)
Locate Parent
It takes you to the parent OU where these objects were located before they were deleted.
Restore To
This option lets you select the location (OU) to which you want to restore the deleted object.
Once clicked, the object will be restored to the selected location.
So, the "Manager1" account is now restored and is in the "Users" container.
Ahhhh.... This restoration has restored the membership of the user account as well.... :)
But what exactly is going on in the background? And what if you want to use the power of PowerShell next time to restore deleted objects?
Click on the "Windows PowerShell History" option at the bottom left.
This lists all the PowerShell commands that ran in the background, right from deleting the user to restoring the user.
Now we need to restore the other user, "Manager2".
Let's use the "Restore" option this time instead of "Restore To".
Restore
Restored ? Really?
Yeah... Cool.... The "Restore" option restores the deleted object to the OU/container from which it was deleted, based on its "LastKnownParent" attribute.
And of course the membership check....
Power of PowerShell...
Note the "-Properties:LastKnownParent"
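The whole walkthrough above (confirm the feature is enabled, filter by deletion time, "Restore To", "Restore", membership check) can also be scripted. The following is an added example, not the commands captured from the author's PowerShell History pane; the helper name Restore-DeletedUser and the 24-hour window are assumptions, and whenChanged is used as an approximation of the "When Deleted" column.

```powershell
# Added example, not from the original post. Needs the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

# 1. Confirm the Recycle Bin is enabled; EnabledScopes is empty when it is not.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if (-not $feature.EnabledScopes) { throw 'Recycle Bin Feature is not enabled.' }

# 2. Find deleted objects in a time window, like the "When Deleted: is between" filter.
#    Assumption: whenChanged of a deleted object reflects when it was deleted.
$start = (Get-Date).AddDays(-1)   # assumed window: the last 24 hours
$end   = Get-Date
$deleted = Get-ADObject -IncludeDeletedObjects `
        -Filter 'isDeleted -eq $true -and Name -ne "Deleted Objects"' `
        -Properties LastKnownParent, whenChanged, sAMAccountName |
    Where-Object { $_.whenChanged -ge $start -and $_.whenChanged -le $end }
$deleted | Format-Table sAMAccountName, whenChanged, LastKnownParent -AutoSize

# 3. Restore one user by account name (hypothetical helper).
function Restore-DeletedUser {
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [string] $TargetPath    # omit to restore to LastKnownParent ("Restore")
    )
    $match = @($deleted | Where-Object { $_.sAMAccountName -eq $SamAccountName })
    if ($match.Count -ne 1) {
        # Zero or several deleted objects share the name: do not guess which one.
        Write-Warning "${SamAccountName}: expected 1 deleted object, found $($match.Count)"
        return
    }
    if ($TargetPath) { $match[0] | Restore-ADObject -TargetPath $TargetPath }
    else             { $match[0] | Restore-ADObject }

    # The restore also brings back group memberships, privileged ones included,
    # so list them for review straight away.
    Get-ADPrincipalGroupMembership -Identity $SamAccountName |
        Select-Object -ExpandProperty Name
}

# "Restore To" the Users container for Manager1, plain "Restore" for Manager2.
Restore-DeletedUser -SamAccountName 'Manager1' -TargetPath (Get-ADDomain).UsersContainer
Restore-DeletedUser -SamAccountName 'Manager2'
```

Because a restored account returns with every group membership it had at deletion time, the membership list printed by the helper is worth checking before the account is handed back to its owner.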
Happy Learning !!!!