Windows Server 8 Member Server - ADAC Recycle Bin ~ My blog about Active Directory and everything else

Tuesday, March 13, 2012

Windows Server 8 Member Server - ADAC Recycle Bin

Windows Server 8 Beta was released a few weeks ago and I understand that many organizations may be hesitant to start deploying domain controllers.

One nice thing is that some of the new features can easily run on a member server or workstation and work fine in your current domains.  You don't need to convince anyone about a schema update or new Windows 8 Domain Controllers right now.  Enjoy the new features with no risk (I'd argue there is not a lot of risk in adding a domain controller but I understand leadership wanting to wait on domain controllers)

One of those features is the AD Recycle Bin GUI. That is a nice addition that system administrators have been asking for since 2008 R2 was released. Your forest does have to be at 2008 R2 Forest Functional Level to enable the recycle bin.

Many people enabled and used the AD Recycle Bin in 2008 R2  There are even some 3rd party tools that can help and put a GUI front end around the Recycle Bin. In my opinion the GUI in Windows Server 8 is much nicer and is definitely a reason to add a Windows Server 8 member server now.

In my lab I have a 2008 R2 (forest functional level 2008 R2) Domain Controller and a Windows Server 8 Beta member server.


Windows 2008 R2 Domain



SIDE NOTE: As you can see my test domain is named USMCThanksForYourService.mil I've heard there might be some Marines stationed in Afghanistan reading this entry so a heartfelt thanks for all you all do. It takes a lot of courage to be in the military right now and you all are on the front lines. THANK YOU!!


SIDE NOTE II:  .  Any other military members reading my blog?  Leave a comment, I'd love to hear from you.

So people don't think I'm cheating I'll first verify that the Recycle Bin is not enabled by using the powershell command Get-ADOptionalFeature -Filter {name -like "*Recycle Bin*"} If EnabledScopes is empty that indicates the Recycle Bin has not been enabled.


AD Recycle Bin not enabled

I also join the Windows Server 8 Beta machine to the domain.


Adding Windows 8 Server to the domain


Once the server is added to the USMCThanksForYourService.mil domain I have to install the Remote Server Administration Tools (RSAT) Feature for Active Directory so I can have access to the necessary AD tools and fetures.


Adding Roles and Features in Server Manager




Adding RSAT Features




Adding RSAT Features Part II


Once the RSAT tools have been installed you are ready to use Active Directory Administrative Center (ADAC) against your 2008 R2 domain.

You can enable the AD Recycle Bin from the GUI now instead of the old way using Powershell 



Selecting ADAC from Server Manager in Windows 8


Enabling the AD Recycle Bin from Windows Server 8 Member Server ADAC

AD Recycle Bin Confirmation 1

AD Recycle Bin Confirmation 2


Just want to confirm that the AD Recycle Bin has been enabled.  Notice this time the same command yielded an entry in "EnabledScopes"...success

AD Recycle Bin Enabled - Confirmation
 A quick tutorial of the new feature now that it is enabled and the member server is up and ready to go.

As you can see there is a user named Dakota Meyer who is in the group "MedalofHonor"





A young contractor was really excited and lost his mind and accidentally deleted the account.   Luckily the USMC leadership had allowed this Windows 8 Member Server and Dakota's account would be restored in a few clicks.


In ADAC Navigate to the Deleted Objects Container




Notice the deleted user is listed.  Right click on the user for Restore Options





In ADAC we confirm that the user has been successfully restored





On the 2008 R2 DC the restore is confirmed using ADUC






1 comment:

  1. Mike, Thanks for this nice write up on AD RB GUI.

    ReplyDelete