Active Directory Recycle Bin


This time, we will focus on the Active Directory Recycle Bin feature in a domain environment running Windows Server 2012. Microsoft first introduced this feature in Windows Server 2008R2; it was available when the Forest Functional Level was set to Windows Server 2008R2.

To enable this feature in Windows Server 2008, you needed to run a PowerShell command as Enterprise Administrator. Restoring a deleted object also required PowerShell, which was a real nightmare for beginners.

You will find the whole required procedure in the Microsoft article titled “Active Directory Recycle Bin Step-by-Step Guide”.

With the release of Windows Server 2012, this feature became much easier to set up and manage. The new Active Directory Administrative Center (ADAC) allows you to manage it through a GUI, and enabling Active Directory Recycle Bin takes just a few clicks.

Let’s see how to do that in Windows Server 2012.

First of all, we need to ensure that our Forest Functional Level is at least at Windows Server 2008R2 mode. To check that, please follow my other article, which addresses that requirement:

and if you need to raise Domain and/or Forest Functional Level:

When the above requirements are met, we need to run Active Directory Administrative Center on Windows Server 2012, or run it from RSAT for Windows 8.

Active Directory Administrative Center

In ADAC, select the domain name on the left side to see the tasks available for this forest/domain.

Tasks in ADAC

Now, on the right side of ADAC, you can see the option to enable AD Recycle Bin. If this option is grayed out, that means one of the following:

  • Forest Functional Level is lower than Windows Server 2008R2
  • Active Directory Recycle Bin is already enabled

If everything is OK then this option can be used. Click on it to enable the feature in your forest.

Note! Remember that the ADAC console must be running with Enterprise Administrator credentials.

Enabling Active Directory Recycle Bin

Confirm that you wish to enable this feature.

Important! Once you have enabled AD Recycle Bin, you cannot disable it!



According to the information message shown after AD Recycle Bin has been enabled, you need to wait for replication between all Domain Controllers in the entire forest before the feature starts working.

After refreshing Active Directory Administrative Center, you should see a new container named “Deleted Objects”.

New container

From now on, all deleted objects will go to that container. You are able to restore any of those objects until their tombstone lifetime passes.

Deleted objects

When restoring a deleted object, you may choose one of the following actions:

  • Restore
  • Restore To
  • Locate parent
  • Properties

Restore returns the deleted object to the original location where it was before it was deleted.

Restore To allows you to choose a new location where you want to restore the deleted object.

Locate parent redirects you to the location where the object resided before deletion.

Properties shows information about the deleted object.

In most cases, you will want to restore the object to its original location. To do that, select the deleted object, right-click it and choose “Restore”.

Deleted object restoration

You can then simply verify that the object was restored by going to its original location. Hey, it works! What a great feature! 🙂

Restored object
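The same procedure from PowerShell, as an added example that is not part of the original article. It assumes the ActiveDirectory module (RSAT) and an Enterprise Administrator session; the user name `John Doe` and the OU path in the comment are constructed placeholders.

```powershell
# Added example, not the author's code. Run as Enterprise Administrator.
Import-Module ActiveDirectory

$forest = Get-ADForest

# 1. Prerequisite: Forest Functional Level must be at least Windows Server 2008 R2.
$minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest
if ($forest.ForestMode -lt $minimum) {
    throw "Forest Functional Level is $($forest.ForestMode); raise it before enabling the Recycle Bin."
}

# 2. Enable the feature only if it is not enabled yet (EnabledScopes is empty until then).
#    The change is irreversible, so -Confirm forces an explicit confirmation prompt.
$feature = Get-ADOptionalFeature -Identity 'Recycle Bin Feature'
if ($feature.EnabledScopes.Count -eq 0) {
    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
        -Scope ForestOrConfigurationSet -Target $forest.Name -Confirm
}

# 3. List the contents of the "Deleted Objects" container with their original location.
$deleted = Get-ADObject -Filter 'isDeleted -eq $true -and name -ne "Deleted Objects"' `
    -IncludeDeletedObjects -Properties lastKnownParent, 'msDS-LastKnownRDN', whenChanged
$deleted | Select-Object 'msDS-LastKnownRDN', ObjectClass, lastKnownParent, whenChanged

# 4. Restore one object by its last known name ('John Doe' is a constructed sample value).
$target = @($deleted | Where-Object { $_.'msDS-LastKnownRDN' -eq 'John Doe' })
switch ($target.Count) {
    0       { Write-Warning 'No deleted object with that name was found.' }
    1       {
        # Equivalent of "Restore": the object returns to lastKnownParent.
        Restore-ADObject -Identity $target[0].ObjectGUID
        # Equivalent of "Restore To" (constructed OU path):
        # Restore-ADObject -Identity $target[0].ObjectGUID -TargetPath 'OU=Restored,DC=example,DC=com'
    }
    default { Write-Warning "$($target.Count) matches found; pick one by ObjectGUID." }
}
```

Restoring to the original location fails if the parent container was deleted as well; restore the parent first or use `-TargetPath`.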

Author: Krzysztof Pytko

