In this blog post, I will cover the principles of enabling the Active Directory Recycle Bin. It is an extremely useful feature that sometimes gets overlooked when deploying new directories!
So what is the ‘Active Directory Recycle Bin’?
Here is a quick background and a snippet taken from a TechNet blog [Link Here]
Starting in Windows Server 2008 R2, Active Directory now implements a true recycle bin. No longer will you need an authoritative restore to recover deleted users, groups, OU’s, or other objects. Instead, it is now possible to use PowerShell commands to bring back objects with all their attributes, backlinks, group memberships, and metadata. AD Recycle Bin (ADRB) was a long time coming and it definitely has its idiosyncrasies, but I think you are going to love it.
Enabling Active Directory Recycle Bin
From the Windows Server desktop, go to Start and launch the Active Directory Administrative Center.
On the left-hand side, under Overview, you will see your domain (example: ad (local)).
Right-click on the domain and from the context menu select ‘Enable Recycle Bin’.
Click ‘OK’ on the on-screen prompt.
NOTE: Once this has been enabled – it cannot be disabled! (But why would you?!)
You will then see:
Once the Administrative Center has been refreshed, you can see that a new Organisational Unit named ‘Deleted Objects’ has been created.
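The same steps can be scripted with the PowerShell commands mentioned in the TechNet snippet. The following is an added example, not part of the original post: it checks the prerequisite, enables the feature, verifies it, and lists deleted objects. It assumes the ActiveDirectory module (RSAT) and an account with forest-level admin rights; the function name `Enable-RecycleBinChecked` and the account name `jdoe` are hypothetical.

```powershell
#Requires -Modules ActiveDirectory
# Added example: PowerShell equivalent of the GUI steps, with pre- and post-checks.

function Enable-RecycleBinChecked {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param()

    $forest = Get-ADForest

    # The Recycle Bin needs a forest functional level of Windows Server 2008 R2 or higher.
    $minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
    if ($forest.ForestMode -lt $minimum) {
        throw "Forest functional level is $($forest.ForestMode); raise it to $minimum or higher first."
    }

    # EnabledScopes stays empty until the feature has been switched on.
    $feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
    if ($feature.EnabledScopes.Count -gt 0) {
        Write-Output "Recycle Bin is already enabled for $($forest.Name)."
        return
    }

    # The change is irreversible, so prompt before making it.
    if ($PSCmdlet.ShouldProcess($forest.Name, 'Enable AD Recycle Bin (cannot be disabled)')) {
        Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
            -Scope ForestOrConfigurationSet -Target $forest.Name -Confirm:$false
    }
}

Enable-RecycleBinChecked

# Verify: the forest partitions should now be listed under EnabledScopes.
Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"' |
    Select-Object Name, EnabledScopes

# List what is currently in the recycle bin and where each object used to live.
Get-ADObject -Filter 'isDeleted -eq $true -and Name -ne "Deleted Objects"' `
    -IncludeDeletedObjects -Properties whenChanged, lastKnownParent |
    Select-Object Name, ObjectClass, whenChanged, lastKnownParent

# Restore preview for a deleted account ('jdoe' is a constructed sample name).
# -WhatIf only reports what would be restored; remove it to perform the restore.
Get-ADObject -Filter 'sAMAccountName -eq "jdoe" -and isDeleted -eq $true' `
    -IncludeDeletedObjects |
    Restore-ADObject -WhatIf
```

Only objects deleted after the feature is enabled keep their full attribute set, so run the listing again after a test deletion to confirm the behaviour in your own forest.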