Accidental deletions in active directory can cause havoc and unfortunately in the past I was in the middle of one such catastrophic event. It resulted in 4000 odd servers and client machines part of an OU to be deleted and the cause was found to be some housekeeping software. Such accidental deletions can be most destructive in critical industries like banking, financial and public sector organizations. This may have been avoided and secondly could have been fixed in less than 10 % of the actual time spent if the environment was using one of the latest features that we included in Windows 2008 R2 ( Active Directory Recycle Bin ). Most critical situations arise due to accidental human /tool interference or configuration and it is important to be able to come out of such situations within minimal down time, Accidental Deletion in Active Directory is one such situation. Below are preventions and recovery methods caused due to accidental deletions in Active Directory. Some of the preventive measures are listed below and also links to recovery from such catastrophe with minimal downtime.
Preventing Unwanted/Accidental deletions and Restore deleted objects in Active Directory
Windows Server 2008 Protection from Accidental Deletion
Recovery with minimal downtime
The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting
Windows Server 2008 R2 Quick Look – Active Directory Recycle Bin ~ video
AD Recycle Bin – Step By Step Guide
This is definitely a feature that can save you from nightmares.
P.S: IT Environments who are already on Windows 2008 R2 Forest Functional Level require the most minimal configuration changes to enable AD Recycle Bin. Once done you can use the Active Directory recycle bin UI in windows 8 /2012 by installing the RSAT tools on a domain joined windows 8 or windows 2012 server.
Its about time you had this feature enabled !