Enable the Active Directory Recycle Bin

The Active Directory Recycle Bin allows Domain Administrators to recover AD objects that may have been accidentally deleted. When enabled, the recycle bin preserves deleted objects and any associated attributes for a period of 180 days (be default). However, the recycle bin is not enabled by default, so it is important to enable the recycle bin on managed AD environments before a restore is needed.

A forest functional level of Windows Server 2008 R2 or higher is required to enable the Active Directory Recycle Bin feature.

The process of enabling Active Directory Recycle Bin is irreversible. Once you enable the Active Directory Recycle Bin you cannot disable it.

---

Instructions

The Active Directory Recycle Bin can be enabled via ADAC or PowerShell.

• Enable via the Active Directory Administrative Center
• Enable via PowerShell

---

Enable the Active Directory Recycle Bin Using ADAC

1. Open the Active Directory Administrative Center.

2. Select the domain name from the left-hand navigation pane and either click Enable Recycle Bin … under the Tasks menu, or right-click on the domain and choose Enable Recycle Bin … from the context menu.

   

   The Enable Recyle Bin … option will be grayed out if the Active Directory Recycle Bin has already been enabled or if the forest functional level is not Windows Server 2008 R2 or later.

3. Click the OK button in the Enable Recycle Bin Confirmation dialog.

   

---

Enable the Active Directory Recycle Bin Using PowerShell

Import-Module ActiveDirectory
Get-ADOptionalFeature -Identity "Recycle Bin Feature"
Enable-ADOptionalFeature -Identity "Recycle Bin Feature" -Scope ForestOrConfigurationSet -Target <DomainFQDN>

Replace <DomainFQDN> with the FQDN of your AD forest.