Using the AD Recycle Bin

To enable the AD Recycle Bin, your Forest Functional Level needs to be at least Windows Server 2008 R2. You can check this with the command below (the ForestMode property shows the level):
Get-ADForest

Check whether the AD Recycle Bin is already enabled in your environment. Note the EnabledScopes property: it shows a Distinguished Name if the AD Recycle Bin has been enabled. If it has not been enabled, you will see an empty pair of brackets or nothing at all.
Get-ADOptionalFeature -Filter *

To enable the AD Recycle Bin, run the command below. Note that once you enable this feature you can't disable it.
Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target 'example.com'

Now you can practice deleting an object and recovering it.
Create the object:
New-ADUser -Name nickdeleteme

Note the user's GUID (the ObjectGUID property):
Get-ADUser -Identity nickdeleteme

Delete the user:
Remove-ADUser -Identity nickdeleteme

Restore the user object:
Restore-ADObject -Identity aa8c430f-2047-46e6-a79d-a3f5a20f12b1

You can view the current contents of the AD Recycle Bin using the below command:
Get-ADObject -SearchBase "CN=Deleted Objects,DC=example,DC=com" -LDAPFilter "(objectClass=*)" -IncludeDeletedObjects | Sort-Object -Property Name

You can filter these results with Where-Object. Let's say you want to find the GUID for the user with a SAMAccountName of zaxx:
Get-ADObject -SearchBase "CN=Deleted Objects,DC=example,DC=com" -LDAPFilter "(objectClass=*)" -IncludeDeletedObjects | Sort-Object -Property Name | Where-Object { $_.Name -like "*zaxx*" }
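The same create, delete and restore cycle, and the lookup of a deleted user's GUID, as one added script (not part of the original note). It assumes the AD Recycle Bin is already enabled in example.com, that the ActiveDirectory module is available, and that the sample user nickdeleteme does not exist yet; the function name Restore-DeletedUserBySam is my own.

```powershell
# Added example (not from the original note). Restores a deleted user by its
# sAMAccountName instead of pasting a GUID by hand. Assumes the AD Recycle Bin
# is enabled in example.com and the ActiveDirectory module is installed.
Import-Module ActiveDirectory

function Restore-DeletedUserBySam {
    param(
        [Parameter(Mandatory)] [string] $SamAccountName,
        [string] $DeletedObjectsDN = "CN=Deleted Objects,DC=example,DC=com"
    )
    # With the Recycle Bin enabled, deleted objects keep their attributes,
    # so sAMAccountName is still searchable under CN=Deleted Objects.
    $ldap = "(&(objectClass=user)(isDeleted=TRUE)(sAMAccountName=$SamAccountName))"
    $deleted = @(Get-ADObject -SearchBase $DeletedObjectsDN -LDAPFilter $ldap `
        -IncludeDeletedObjects -Properties sAMAccountName, lastKnownParent, whenChanged)

    if ($deleted.Count -eq 0) {
        Write-Warning "No deleted user with sAMAccountName '$SamAccountName' found."
        return $null
    }
    if ($deleted.Count -gt 1) {
        # Several deleted objects can share a name (delete, recreate, delete again);
        # list them so the operator restores a specific GUID rather than guessing.
        $deleted | Select-Object ObjectGUID, Name, lastKnownParent, whenChanged | Format-Table -AutoSize
        throw "Multiple deleted objects match '$SamAccountName'; restore by ObjectGUID instead."
    }

    # Restore-ADObject puts the object back under lastKnownParent by default.
    $deleted[0] | Restore-ADObject
    return Get-ADUser -Identity $deleted[0].ObjectGUID
}

# Walk the note's create / delete / restore cycle end to end.
New-ADUser -Name nickdeleteme -SamAccountName nickdeleteme
$guidBefore = (Get-ADUser -Identity nickdeleteme).ObjectGUID
Remove-ADUser -Identity nickdeleteme -Confirm:$false

$restored = Restore-DeletedUserBySam -SamAccountName nickdeleteme
if ($restored -and $restored.ObjectGUID -eq $guidBefore) {
    "Restored $($restored.SamAccountName) with its original GUID $guidBefore"
}
```

Because the restored account comes back with the same ObjectGUID (and therefore the same SID), group memberships and ACL entries that referenced it are intact, which is the advantage of the Recycle Bin over recreating the user.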