This session, Active Directory Recycle Bin, was presented by Mark Minasi, who is always a riot to listen to. In addition to really knowing his stuff, he’s probably in the top two TechEd presenters for style. Guaranteed laughs!
Prior to Windows Server 2008 R2, when you delete an object it gets stripped of most of its attributes and is put in a special hidden container called “Deleted Objects.” For example, if you delete a user then all but a handful of attributes (the SAM account name, SID and GUID among them) are removed. Password, title, office, group memberships…all gone! If you reanimate the tombstone then you need to re-populate the attributes by hand. Yes, you could do an authoritative restore of the object from backup, but in large environments this can take a significant amount of time and requires booting a DC into Directory Services Restore Mode.
Starting with Windows Server 2008 R2, if your entire forest is at the Windows Server 2008 R2 forest functional level, there’s a new concept called the Active Directory Recycle Bin. Unlike previous versions of the operating system, all attributes on deleted objects are preserved. Group membership, name, previous OU location, etc. are all retained. Nifty eh?
But the kicker is that this new feature is not enabled by default, and only objects deleted after you enable it can be restored with their attributes intact. So as soon as your forest is at the 2008 R2 functional level, turn on this feature. One caveat: enabling it is a one-way trip. Once the Recycle Bin is on it cannot be turned off again, so make sure every DC in the forest is 2008 R2 (the functional level enforces that) before you flip the switch.
How does object deletion work at the 2008 R2 FFL? For the first 180 days after deletion (the deleted object lifetime) the object sits in the Deleted Objects container with all of its attributes intact and can easily be restored. After that it becomes a recycled object, stripped down much like the old tombstone, and is garbage-collected after a further 180 days (the tombstone lifetime). So a deleted object is retained in AD for a total of 360 days. Don’t take those numbers for granted, though: the deleted object lifetime defaults to whatever the tombstone lifetime is, and that is only 60 days on forests that were first built before Windows Server 2003 SP1.
Mark covered several methods to restore the objects, using PowerShell and Ldp.exe. Given those methods are a bit tedious, there’s a GUI way to do it. If you download PowerGUI and then the Active Directory Recycle Bin PowerPack, you can do several tasks from a friendly GUI:
– Restore a deleted object (original location)
– Restore a deleted object to a different location
– Permanently delete an object
– Empty the recycle bin
– Enable the recycle bin
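For those who would rather script it than click, here is the whole procedure from the paragraphs above (check the forest level, enable the Recycle Bin, read the two lifetimes, find a deleted user and restore it either to its original OU or somewhere else) done with the ActiveDirectory module that ships with 2008 R2. This is an added example, not code from Mark’s session or from the PowerGUI PowerPack; the forest name corp.example.com, the user asmith and the OU=Restored path are placeholders.

```powershell
# Added example (not from the session or PowerGUI). Run on a 2008 R2 DC or a
# machine with RSAT as a member of Enterprise Admins. Names/paths are placeholders.
Import-Module ActiveDirectory

$forest = Get-ADForest
$required = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ([int]$forest.ForestMode -lt [int]$required) {
    throw "Forest functional level is $($forest.ForestMode); Windows2008R2Forest or higher is required."
}

# 1. Enable the Recycle Bin if it is not already on. This is irreversible.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if ($feature.EnabledScopes.Count -eq 0) {
    Enable-ADOptionalFeature -Identity $feature `
        -Scope ForestOrConfigurationSet -Target $forest.Name -Confirm:$false
    Write-Host "Recycle Bin enabled for $($forest.Name)"
} else {
    Write-Host "Recycle Bin already enabled in scope(s): $($feature.EnabledScopes -join ', ')"
}

# 2. Read the two lifetimes that control the 180 + 180 day timeline.
#    msDS-DeletedObjectLifetime of $null means "same as tombstoneLifetime", and
#    tombstoneLifetime of $null means the pre-2003 SP1 default of 60 days.
$dsConfig = Get-ADObject `
    "CN=Directory Service,CN=Windows NT,CN=Services,$((Get-ADRootDSE).configurationNamingContext)" `
    -Properties tombstoneLifetime, 'msDS-DeletedObjectLifetime'
$tombstoneDays = if ($dsConfig.tombstoneLifetime) { $dsConfig.tombstoneLifetime } else { 60 }
$deletedDays   = if ($dsConfig.'msDS-DeletedObjectLifetime') { $dsConfig.'msDS-DeletedObjectLifetime' } else { $tombstoneDays }
Write-Host "Deleted object lifetime: $deletedDays days, tombstone lifetime: $tombstoneDays days"

# 3. Find the deleted user. Deleted objects are renamed to "<name>\0ADEL:<guid>",
#    so match on the leading part of the name. Only objects still inside the
#    deleted object lifetime come back; recycled objects are beyond saving.
$deleted = Get-ADObject -Filter 'isDeleted -eq $true -and Name -like "asmith*"' `
    -IncludeDeletedObjects `
    -Properties lastKnownParent, 'msDS-LastKnownRDN', whenChanged, sAMAccountName

foreach ($obj in $deleted) {
    Write-Host ("{0}  deleted {1}  was in {2}" -f $obj.'msDS-LastKnownRDN', $obj.whenChanged, $obj.lastKnownParent)
}

# 4a. Restore to the original location (lastKnownParent). If that OU was deleted
#     too, restore the OU first or use -TargetPath as in 4b.
$victim = $deleted | Select-Object -First 1
if ($victim) {
    Restore-ADObject -Identity $victim.ObjectGUID
    Write-Host "Restored $($victim.'msDS-LastKnownRDN') to $($victim.lastKnownParent)"
}

# 4b. Or restore to a different OU (and optionally rename) instead:
# Restore-ADObject -Identity $victim.ObjectGUID `
#     -TargetPath 'OU=Restored,DC=corp,DC=example,DC=com' -NewName 'asmith'

# Verify the attributes came back with it.
if ($victim) {
    Get-ADUser -Identity $victim.ObjectGUID -Properties memberOf, title, physicalDeliveryOfficeName |
        Select-Object sAMAccountName, title, physicalDeliveryOfficeName, @{n='Groups';e={$_.memberOf.Count}}
}
```

Two things worth noting. Get-ADObject needs -IncludeDeletedObjects or it will never show you anything in the Deleted Objects container, and the restore is keyed on the object GUID rather than the name because the deleted name has the “\0ADEL:” suffix tacked on. Restoring a leaf object whose parent OU is also in the bin fails until the parent is restored, which is exactly why the Restore-to-a-different-location option exists.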