July 1, 2021
Updated May 25, 2023

How to Enable Active Directory Recycle Bin

AD Windows

Active Directory Recycle Bin is a feature that lets administrators restore deleted objects.

How to enable Active Directory Recycle Bin:

Finding Domain Naming Master Server

We recommend enabling the Recycle Bin feature on the DC that holds the Domain Naming Master role. To find out which domain controller holds this role, use the netdom.exe application with the following parameters (run it in cmd):

netdom.exe query fsmo

Alternatively, this can be done in a PowerShell console running with elevated privileges:

Import-Module ActiveDirectory
Get-ADForest | Format-List DomainNamingMaster

How to Enable Recycle Bin in AD Administrative Center

To do this, you need a domain admin user account. Start AD Administrative Center (Start -> Run -> dsac.exe).

Click on your domain name and in the "Tasks" pane click "Enable Recycle Bin...".

Alternatively, right-click your domain in the overview and click “Enable Recycle Bin...”.

A confirmation window appears, warning that once Recycle Bin is enabled it cannot be disabled. Click OK.

After enabling the Recycle Bin, the ADAC window needs to be refreshed. Click OK in the warning that appears, then refresh ADAC by clicking the refresh button in the top right corner of the window.

You will see that a new container named “Deleted Objects” appears near the “Computers” container.

How to Enable Recycle Bin in PowerShell Console

Recycle Bin can also be enabled from the PowerShell console. Run PowerShell.exe with elevated permissions and type in the following code:

Import-Module ActiveDirectory
Enable-ADOptionalFeature -Identity "CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=office,DC=local" -Scope ForestOrConfigurationSet -Target "office.local"

Replace office, local and office.local with your own domain parameters. The system will ask for confirmation; type “y” to continue, and the “Deleted Objects” container appears.

Now, after an AD object is deleted, its “isDeleted” attribute is set to “true”, while its “isRecycled” attribute is untouched. With these values the deleted object moves to “Deleted Objects”, from where you can easily restore it by right-clicking it and selecting Restore.

After 60 days the recycle lifetime expires and the “isRecycled” parameter changes to "true"; at that point the object is deleted permanently.
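
The PowerShell steps above can be combined into one check-then-enable routine that reads the feature's distinguished name from the forest instead of hard-coding office.local, and then lists objects still in the restorable state (“isDeleted” set, “isRecycled” not set). This is an added example, not Serverspace's own code; the function names Enable-RecycleBinIfNeeded and Get-RestorableObject are hypothetical.

```powershell
# Added example. Function names are hypothetical; cmdlets come from the
# ActiveDirectory module. Run in an elevated console as a domain admin.
Import-Module ActiveDirectory

function Enable-RecycleBinIfNeeded {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param()

    $forest  = Get-ADForest
    $master  = $forest.DomainNamingMaster      # DC the article recommends using
    $feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"' -Server $master

    # EnabledScopes stays empty until the feature is turned on for the forest.
    if ($feature.EnabledScopes.Count -gt 0) {
        Write-Verbose "Recycle Bin is already enabled in $($forest.Name)."
        return $feature
    }

    # Enabling cannot be undone, so honour -WhatIf and -Confirm here.
    if ($PSCmdlet.ShouldProcess($forest.Name, 'Enable Recycle Bin (cannot be disabled)')) {
        Enable-ADOptionalFeature -Identity $feature.DistinguishedName `
            -Scope ForestOrConfigurationSet -Target $forest.Name `
            -Server $master -Confirm:$false
    }

    # Re-read the feature so the caller can confirm EnabledScopes is populated.
    Get-ADOptionalFeature -Identity $feature.DistinguishedName -Server $master
}

function Get-RestorableObject {
    # Deleted but not yet recycled: isDeleted=TRUE and isRecycled absent.
    # The "Deleted Objects" container itself is excluded from the result.
    $ldap = '(&(isDeleted=TRUE)(!(isRecycled=TRUE))(!(name=Deleted Objects)))'
    Get-ADObject -LDAPFilter $ldap -IncludeDeletedObjects `
        -Properties lastKnownParent, whenChanged, isDeleted, isRecycled |
        Sort-Object whenChanged -Descending |
        Select-Object Name, ObjectClass, lastKnownParent, whenChanged, ObjectGUID
}

# Preview the change, then apply it and list what can be restored.
Enable-RecycleBinIfNeeded -WhatIf
# Enable-RecycleBinIfNeeded -Verbose
# Get-RestorableObject | Format-Table -AutoSize
# Restore one object by GUID (placeholder value), previewing first:
# Restore-ADObject -Identity '<ObjectGUID>' -WhatIf
```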
