Restoring ActiveDirectory Objects

Description

     This document provides tips for restoring Active Directory objects if the Active Directory Recycle Bin is enabled.

Tips

Display All Deleted Objects

1. get-adobject -filter {isdeleted -eq $true} -includedeletedobjects   

   

Display All Deleted User Objects

1. get-adobject -filter {(objectclass -eq "user") -and (isdeleted -eq $true)} -includedeletedobjects   

Show details of a specific Deleted user

1. get-adobject -filter {samaccountname -eq "<username>"} -includedeletedobjects -properties *  

Restore a specific object you can use the same account name or the objectGUID

1. restore-adobject -identity <samaccountname/objectGUID>  

To restore a group of objects at once you would combine the get-adobject output with the restore-adobject command.

Example: Restoring all Deleted user accounts

1. get-adobject -filter {(objectclass -eq "user") -and (isdeleted -eq $true)} -includedeletedobjects | restore-adobject  

References

Scenario Overview for Restoring Deleted Active Directory Objects

Active Directory Recycle Bin in Windows Server 2008 R2 Step-by-Step Guide [R2]