Restoring items from the Active Directory Recycle Bin

Active Directory Recycle bin was first introduced in Server 2008R2.
We are going to restore a user account called Bobo.
Windows Server 2008R2
This article assumes that your active directory schema is on at least v56, and that the active directory recycle bin has been enabled.

Step 1:  List deleted users
First of all, type: import-module activedirectory (or launch the active directory admin powershell prompt)
Get-ADObject -Filter { CN -like "*bobo*" } -IncludeDeletedObjects
This shows all objects with the name starting with bob.Notice that Bobo has been deleted

Restore a deleted user account

 

 

Step 2: Restore Bobo,
 Get-ADObject -Filter { CN -like "*bobo*" } -IncludeDeletedObjects | restore-ADobject

Press enter – Bobos account has been restored.

You will be shown the OU the object has been restored to.

Windows Server 2012+R2
Assuming you have server 2012 or later…
After having to learn a little powershell for restoring AD accounts in Server 2008 R2, in 2012, simply open the Active Directory Administrative Center app, enter the name of the person you nuked, then click restore.  Easy.
server 2012 ad acc restore
Never to rush and delete an AD object, If you do however, AD Recycle bin gives you at least some chance of a recovery!
Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s