Enable the Active Directory Recycle Bin in Windows Server 2012 R2

This article is for those looking for a detailed and clear guide on how to enable the Active Directory Recycle Bin in Windows Server 2012 R2.

The Active Directory Recycle Bin is designed to recover deleted Active Directory objects and can be of great help to an administrator if he accidentally deleted a large number of user accounts.

IMPORTANT
In this guide, we will consider the case when you already have a server with the Windows Server 2012 R2 operating system installed on it.
For details on installing Windows Server 2012 R2, read my guide: Install Windows Server 2012 R2.

NOTE
To learn how to install Active Directory Domain Services on Windows Server 2012 R2, read: Install Active Directory Domain Services on Windows Server 2012 R2.

By default, the Active Directory Recycle Bin is disabled.

To enable the Active Directory Recycle Bin, open “Server Manager”, click on “Tools” in the upper right corner of the screen and select “Active Directory Administrative Center”.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 1

In the menu on the left, select the section with your domain, then in the menu on the right, click on the “Enable Recycle Bin” button.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 2

Now you need to confirm enabling the Active Directory Recycle Bin.

NOTE
It will not be possible to disable the Active Directory Recycle Bin in the future.

Click on the “OK” button.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 3

The Active Directory Recycle Bin process has started.

Next, you need to update the information in the “Server Manager” and wait for a little while all the domain controllers in the Active Directory forest get the information about enabling the Active Directory Recycle Bin.

Click on the “OK” button.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 4

In the “Server Manager” click on the arrow icon in the upper right corner of the screen and wait for the information to be updated in the section with your domain.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 5

After updating the information in the “Server Manager” in the section with your domain, a new container “Deleted Objects” will appear.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 6

Now let’s delete the user account and try to restore it from the Active Directory Recycle Bin.

Go to the “Users” container and select a user account, then click on the “Delete” button in the menu on the right.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 7

Now you need to confirm the deletion of the user account.

Click on the “OK” button.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 8

To restore a deleted user account, you need to go to the “Deleted Objects” container and select the user account that you want to restore, then click on the “Restore” button in the menu on the right.

NOTE
Objects can only be restored during their lifetime, which by default is 180 days.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 9

The user account was successfully restored and reappeared in the Users container.

Enable the Active Directory Recycle Bin in Windows Server 2012 R2 - Step 10

SIGNAL & INTEL#

The Private Order: Stop being a grunt. Become an Architect. Join The Private Order.

_{DOCKER CAPTAIN · HASHICORP AMBASSADOR · AWS COMMUNITY BUILDER}