
<h2 class="wp-block-heading">Active Directory Recycle Bin </h2>



<p>Starting with Windows 2008 R2, Microsoft introduced the Active Directory Recycle Bin, which lets you recover objects back into AD if they are accidentally deleted. To use the Recycle Bin feature, your forest must be running at the Windows 2008 R2 functional level. If your forest is running at this level, you simply run a PowerShell command to enable it.</p>




<h2 class="wp-block-heading"><strong>Enable</strong></h2>



<p>To enable the Active Directory Recycle Bin, use the Enable-ADOptionalFeature cmdlet.</p>



<p>Click Start, click Administrative Tools, right-click Active Directory Module for Windows PowerShell, and then click Run as administrator.</p>



<p>Below is a sample for enabling it for moh10ly.com:</p>



<p><strong>Enable-ADOptionalFeature -Identity "CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=moh10ly,DC=com" -Scope ForestOrConfigurationSet -Target moh10ly.com</strong></p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image001.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image001_thumb.png" alt="clip_image001"/></a> 

 
</figure>
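<p>The enable step above, wrapped in a pre-flight check, as an added example that is not part of the original post. It assumes the ActiveDirectory PowerShell module is installed and that the account may change forest-wide settings; the function name is hypothetical.</p>

```powershell
# Added example (not from the original post).
# Assumes the ActiveDirectory module and rights to change forest-wide settings.
Import-Module ActiveDirectory

function Enable-RecycleBinIfNeeded {   # hypothetical helper name
    $forest  = Get-ADForest
    $minimum = [Microsoft.ActiveDirectory.Management.ADForestMode]::Windows2008R2Forest

    # The feature needs a forest functional level of at least Windows 2008 R2.
    if ($forest.ForestMode -lt $minimum) {
        throw "Forest '$($forest.Name)' is at $($forest.ForestMode); the Recycle Bin needs $minimum."
    }

    # Look the feature up by name instead of typing the full configuration DN.
    $feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
    if (-not $feature) {
        throw 'Recycle Bin Feature object not found in the configuration partition.'
    }

    # EnabledScopes stays empty until the feature has been turned on.
    if (@($feature.EnabledScopes).Count -gt 0) {
        Write-Output "Recycle Bin is already enabled for $($forest.Name)."
        return
    }

    # Enabling cannot be undone, so the cmdlet's own confirmation prompt is left in place.
    Enable-ADOptionalFeature -Identity $feature `
        -Scope ForestOrConfigurationSet -Target $forest.Name

    # Read the feature back so the result is checked rather than assumed.
    $after = Get-ADOptionalFeature -Identity $feature
    if (@($after.EnabledScopes).Count -eq 0) {
        throw 'Enable-ADOptionalFeature returned, but no enabled scope is listed yet.'
    }
    Write-Output "Recycle Bin enabled for $($forest.Name)."
}

Enable-RecycleBinIfNeeded
```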



<h2 class="wp-block-heading"><strong>Restore</strong></h2>



<p>Once you have the Recycle Bin enabled for Active Directory, you will have to use Ldp.exe to restore deleted objects. By default, the container with the deleted objects is not displayed. The following steps will allow you to see the container with the deleted objects.</p>



<p><strong>Display Deleted Objects</strong></p>



<p>Follow these steps to display the Deleted Objects container:</p>



<ol class="wp-block-list"><li>To open Ldp.exe, click Start, click Run, and then type ldp.exe.</li><li>On the Options menu, click Controls.</li></ol>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image002.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image002_thumb.png" alt="clip_image002"/></a></figure>



<p>3. In the Controls dialog box, expand the Load Predefined pull-down menu, click Return deleted objects, and then click OK.</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image003.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image003_thumb.png" alt="clip_image003"/></a></figure>



<p>4. To verify that the Deleted Objects container is displayed:</p>



<ul class="wp-block-list"><li>To connect and bind to the server that hosts the forest root domain of your AD DS environment, under Connections, click Connect, and then click Bind. (You must use SSL and port 636.)</li><li>Click View, click Tree, and in BaseDN, type DC=&lt;mydomain&gt;,DC=&lt;com&gt;, where &lt;mydomain&gt; and &lt;com&gt; represent the appropriate forest root domain name of your AD DS environment.</li><li>In the console tree, double-click the root distinguished name (also known as DN) and locate the CN=Deleted Objects,DC=&lt;mydomain&gt;,DC=&lt;com&gt; container, where &lt;mydomain&gt; and &lt;com&gt; represent the appropriate forest root domain name of your AD DS environment.</li></ul>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image004.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image004_thumb.png" alt="clip_image004"/></a></figure>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image005.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image005_thumb.png" alt="clip_image005"/></a></figure>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image006.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image006_thumb.png" alt="clip_image006"/></a></figure>



<h2 class="wp-block-heading"><strong>Restore Deleted Objects</strong></h2>



<p>Once you have enabled the container to be displayed, you can now restore deleted objects from Active Directory. Below are the steps to recover a single item from the recycle bin using LDP.exe.</p>



<p>Follow these steps to restore a deleted Active Directory object using Ldp.exe:</p>



<ol class="wp-block-list"><li>Open Ldp.exe from an elevated command prompt. Open a command prompt (Cmd.exe) as an administrator. To open a command prompt as an administrator, click Start. In Start Search, type Command Prompt. At the top of the Start menu, right-click Command Prompt, and then click Run as administrator. If the User Account Control dialog box appears, enter the appropriate credentials (if requested), confirm that the action it displays is what you want, and then click Continue.</li><li>To connect and bind to the server that hosts the forest root domain of your AD DS environment, under Connections, click Connect, and then click Bind.</li></ol>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image007.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image007_thumb.png" alt="clip_image007"/></a></figure>



<p>3. On the Options menu, click Controls.</p>



<p>4. In the Controls dialog box, expand the Load Predefined drop-down list, click Return Deleted Objects, and then click OK.</p>



<p>5. In the console tree, navigate to the CN=Deleted Objects container.</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image008.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image008_thumb.png" alt="clip_image008"/></a></figure>



<p>6. Locate and right-click the deleted Active Directory object that you want to restore, and then click Modify.</p>



<p>7. In the Modify dialog box:</p>



<p>8. In Edit Entry Attribute, type isDeleted.</p>



<p>9. Leave the Values box empty.</p>



<p>10. Under Operation, click Delete, and then click Enter.</p>




<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image009.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image009_thumb.png" alt="clip_image009"/></a></figure>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image010.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image010_thumb.png" alt="clip_image010"/></a></figure>



<p>11. In Edit Entry Attribute, type distinguishedName.</p>



<p>12. In Values, type the original distinguished name (also known as DN) of this Active Directory object.</p>



<p>13. Under Operation, click Replace.</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image011.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image011_thumb.png" alt="clip_image011"/></a></figure>



<p>14. Make sure that the Extended check box is selected, click Enter, and then click Run.</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image012.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image012_thumb.png" alt="clip_image012"/></a></figure>



<p>A key point to understand and remember with AD Recycle Bin is that you must restore hierarchically; a parent object must be restored before a child object. If you were to delete an entire OU and all its contents, you must first restore the OU before you can restore its contents.</p>
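<p>The parent-before-child rule, as an added example that is not part of the original post. It uses the Restore-ADObject cmdlet from the ActiveDirectory module instead of the Ldp.exe steps above; the OU name 'Sales', its parent DN and the function name are constructed placeholders.</p>

```powershell
# Added example (not from the original post): restore a deleted OU, then its contents.
# Uses Restore-ADObject rather than the Ldp.exe procedure described in the post.
Import-Module ActiveDirectory

function Restore-DeletedTree {   # hypothetical helper name
    param([Parameter(Mandatory)] $DeletedObject)

    # Restore the parent first. ObjectGUID is unchanged by delete and restore,
    # so it is a stable handle for reading the object back afterwards.
    Restore-ADObject -Identity $DeletedObject.ObjectGUID -ErrorAction Stop
    $restored = Get-ADObject -Identity $DeletedObject.ObjectGUID
    Write-Output "Restored $($restored.DistinguishedName)"

    # Children still in Deleted Objects point at the restored parent through
    # lastKnownParent. Assumes the DN contains no apostrophes.
    $parentDn = $restored.DistinguishedName
    $children = Get-ADObject -IncludeDeletedObjects -Properties lastKnownParent `
        -Filter "isDeleted -eq `$true -and lastKnownParent -eq '$parentDn'"

    foreach ($child in $children) {
        Restore-DeletedTree -DeletedObject $child   # recurse into nested containers
    }
}

# Constructed placeholders: the OU's original name and where it used to live.
$ouName   = 'Sales'
$ouParent = 'DC=moh10ly,DC=com'

$root = Get-ADObject -IncludeDeletedObjects -Properties lastKnownParent, 'msDS-LastKnownRDN' `
    -Filter "isDeleted -eq `$true -and msDS-LastKnownRDN -eq '$ouName' -and lastKnownParent -eq '$ouParent'"

# Refuse to guess when the name matches nothing or more than one deleted object.
if (@($root).Count -ne 1) {
    throw "Expected exactly one deleted object named '$ouName', found $(@($root).Count)."
}

Restore-DeletedTree -DeletedObject $root
```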



<p>Modify</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image013.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image013_thumb.png" alt="clip_image013"/></a></figure>



<p><strong>Clicking on Run gives an error</strong></p>



<p>“Error 0x2077 Illegal modify operation. Some aspect of the modification is not permitted.”</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image014.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image014_thumb.png" alt="clip_image014"/></a></figure>



<p><strong>Resolution:</strong></p>



<p>Disconnect and reconnect with SSL on port 636</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image015.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image015_thumb.png" alt="clip_image015"/></a></figure>



<p>Enter the full distinguished name path in the Values box.</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image016.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image016_thumb.png" alt="clip_image016"/></a></figure>



<p>Click on Run again and that should work</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image017.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image017_thumb.png" alt="clip_image017"/></a></figure>



<p>Before</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image018.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image018_thumb.png" alt="clip_image018"/></a></figure>



<p>After</p>



<figure class="wp-block-image"><a href="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image019.png"><img src="http://www.moh10ly.website/wp-content/uploads/2016/06/clip_image019_thumb.png" alt="clip_image019"/></a></figure>






<p><strong>After restoring the object, I will try to log in to the user&#8217;s mailbox.</strong></p>



<p><strong>I&#8217;ll need to reset the user&#8217;s password after it&#8217;s restored.</strong></p>




<figure class="wp-block-image"><a href="http://old.moh10ly.com/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/1_owa_1.jpg?attredirects=0"><img src="http://old.moh10ly.com/_/rsrc/1464866291858/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/1_owa_1.jpg" alt=""/></a></figure>



<figure class="wp-block-image"><a href="http://old.moh10ly.com/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/2_owa_1.jpg?attredirects=0"><img src="http://old.moh10ly.com/_/rsrc/1464866318575/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/2_owa_1.jpg" alt=""/></a></figure>



<p><strong>Time to log in</strong></p>



<figure class="wp-block-image"><a href="http://old.moh10ly.com/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/3_owa_1.jpg?attredirects=0"><img src="http://old.moh10ly.com/_/rsrc/1464866339269/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/3_owa_1.jpg" alt=""/></a></figure>



<figure class="wp-block-image"><a href="http://old.moh10ly.com/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/4_owa_1.jpg?attredirects=0"><img src="http://old.moh10ly.com/_/rsrc/1464866401747/blog/active-directory/restoring-an-active-directory-object-after-mistakenly-deleting-it/4_owa_1.jpg" alt=""/></a></figure>
</p>

