Header Ads


Active Directory Recycle Bin--How do you use it

Active Directory Recycle Bin helps minimize directory service downtime by enhancing your ability to preserve and restore accidentally deleted Active Directory objects without restoring Active Directory data from backups, restarting Active Directory Domain Services (AD DS), or rebooting domain controllers.
When you enable Active Directory Recycle Bin, all link-valued and non-link-valued attributes of the deleted Active Directory objects are preserved and the objects are restored in their entirety to the same consistent logical state that they were in immediately before deletion. For example, restored user accounts automatically regain all group memberships and corresponding access rights that they had immediately before deletion, within and across domains.
Active Directory Recycle Bin is functional for both AD DS and Active Directory Lightweight Directory Services (AD LDS) environments.
By default, Active Directory Recycle Bin in Windows Server 2008 R2 is disabled. To enable it, you must first raise the forest functional level of your AD DS or AD LDS environment to Windows Server 2008 R2, which in turn requires all forest domain controllers or all servers that host instances of AD LDS configuration sets to be running Windows Server 2008 R2.

To enable Active Directory Recycle Bin using the Enable-ADOptionalFeature cmdlet

1.    Click Start, click Administrative Tools, right-click Active Directory Module for Windows PowerShell, and then click Run as administrator.
1. At the Active Directory module for Windows PowerShell command prompt, type the following command, and then press ENTER:
Enable-ADOptionalFeature -Identity <ADOptionalFeature> -Scope <ADOptionalFeatureScope> -Target <ADEntity>

For example, to enable Active Directory Recycle Bin for pilot.com, type the following command, and then press ENTER:

Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=pilot,DC=com’ –Scope ForestOrConfigurationSet –Target ‘pilot.com’

No comments:

Systemadminworld. Powered by Blogger.