Active Directory Recycle Bin in Windows Server 2008 R2

Ned here again. Now that the moratorium has ended, I can start talking about new features in Windows 7 and Windows Server 2008 R2. To get things rolling today, I wanted to give you a very brief introduction to the AD Recycle Bin. It’s brief because we expect a lot of folks will be using this and we already have a lot of good step-by-step documents released – so I am just going to point you to there and set you loose. Feel free to use the Release Candidate version of Win2008 R2 of this until we start throwing RTM ISO’s out there; RC’s pretty much feature complete, and Recycle Bin works.

For those that haven’t been keeping up, AD Recycle Bin allows admins to restore deleted objects like users, groups, computers, OU’s, etc without the need for an authoritative restore or backup tapes. If you ever been on the wrong end of some mullet head accidentally zapping 10,000 user accounts with his ‘provisioning script’, this is the feature for you. It has these requirements:

  • Windows Server 2008 R2 DC(s)
  • Windows Server 2008 R2 Forest Functional Level

For further introduction, check out:

What’s New in AD DS: Active Directory Recycle Bin (TechNet)

For a complete step-by-step guide, check out:

Active Directory Recycle Bin Step-by-Step Guide (TechNet)

For two very useful sample scripts (did I mention that Recycle Bin administration is implemented in AD Powershell?):

Appendix B: Restore Multiple, Deleted Active Directory Objects (Sample Script) (TechNet)
Inspecting Deleted Objects before Restore (AD PowerShell Blog)

I’ll be happy to answer any questions you have on this here. Have a nice weekend testing :-).

 – Ned ‘Go Green’ Pyle