05 February, 2012

How to Enable Active Directory Recycle Bin

Recycle Bin

A new feature introduced in Windows 2008 R2 which, according to my personal belief, has been quite underestimated.

When I started reading about the Recycle Bin feature and installed Windows 2008 R2 Server, I was surprised to see that the feature was installed automatically. At first, I thought that the "Recycle Bin" feature automatically gets enabled when you install your first Windows 2008 R2 Server... But I was wrong... :)

Even though the entry for the Recycle Bin is added here in the configuration partition automatically (without doing or making any changes), you still have to enable the feature.

There are a few prerequisites that you have to meet before you can actually enable the Recycle Bin...

Prerequisites for Enabling Recycle Bin:-

1. Windows Server 2008 R2 (of course)
2. Forest Functional level - Windows Server 2008 R2

Before starting, I would like to show you the exact location of AD Recycle Bin in Active Directory...

Configuration Partition -> Services -> Directory Services -> Optional Features -> Recycle Bin Feature

Now you will wonder if this picture was taken after we enabled AD Recycle Bin... and I will say "No". It was taken before we made any changes... And now you will say that I am lying...

Just start reading this post and you will realize that I was not wrong when I said that "Even though the entry for the Recycle Bin is added here in the configuration partition automatically (without doing or making any changes), you still have to enable the feature". So this was the entry in AD that I was talking about...

The ldifde dump of "CN=Recycle Bin Feature" is:-

Let's start to play with Power (Shell)...

In PowerShell, you have cmdlets and modules. To run Active Directory related commands, you first have to import the Active Directory module in PowerShell.

Let's confirm the current forest functional level of our forest by running the command "Get-ADForest".

So, currently the level is Windows 2003.

Yes, Even I know that we can get the same piece of information from Active Directory Domains and Trusts...

Since one of the prerequisites for enabling Recycle Bin is to have the forest functional level at Windows Server 2008 R2, let's raise the forest functional level by running the command "Set-ADForestMode -ForestMode Windows2008R2Forest".

(Make sure that you know the consequences of raising the forest functional level, such as: all domain controllers in the forest should be running Windows Server 2008 R2, and all domains in the forest should be at the Windows 2008 R2 functional level.)

Let's run the same command "Get-ADForest" again to check the forest functional level now...
Wow... First objective achieved... The forest functional level is now set to Windows Server 2008 R2.

It's not that I don't trust PowerShell, but I still wanted to confirm using Active Directory Domains and Trusts.

Now let's move forward to our final destination of enabling the Recycle Bin...

Run the following command to enable Recycle Bin:-

Enable-ADOptionalFeature 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -target 'Lab.com'


(Once you enable Recycle Bin, it cannot be disabled and there can be some increase in the size of NTDS.DIT)

Once the Recycle Bin has been enabled, I would like to revisit ADSIEDIT at the same location to see what has changed after enabling AD Recycle Bin.

Here, you will notice that two things have changed (added) in CN=Recycle Bin Feature:

1. msDS-EnabledFeatureBL : CN=Partitions,CN=Configuration,DC=Lab,DC=com

2. msDS-EnabledFeatureBL : CN=NTDS Settings,CN=MYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Lab,DC=com


LDIFDE Dump of CN=Recycle Bin Feature {Before & After}

LDIFDE Dump of:- CN=NTDS Settings,CN=MYDC,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=Lab,DC=com

LDIFDE Dump of CN=Partitions,CN=Configuration,DC=Lab,DC=com

One more command that we can run to check whether "AD Recycle Bin" has been enabled or not:

"Get-ADOptionalFeature 'Recycle Bin Feature'"

If "AD Recycle Bin" is enabled, then EnabledScopes will be populated; otherwise it will be empty.
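
The whole procedure above (import the module, check the forest functional level, enable the feature, verify EnabledScopes) can be wrapped in one guarded script. This is an added example, not part of the original post: the function name Enable-RecycleBinIfReady is hypothetical, and it reads the forest name from Get-ADForest instead of hard-coding 'Lab.com'. It does not raise the forest functional level itself; it only reports what it finds.

```powershell
# Added example. Enable-RecycleBinIfReady is a hypothetical helper name, not a built-in cmdlet.
Import-Module ActiveDirectory

function Enable-RecycleBinIfReady {
    [CmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')]
    param()

    $forest  = Get-ADForest
    $feature = Get-ADOptionalFeature -Identity 'Recycle Bin Feature'

    # EnabledScopes is populated only after the feature has been enabled.
    if (@($feature.EnabledScopes).Count -gt 0) {
        Write-Verbose "Recycle Bin is already enabled in $($forest.Name)."
        return $feature
    }

    # Prerequisite: forest functional level Windows Server 2008 R2 or higher.
    if ($forest.ForestMode -lt 'Windows2008R2Forest') {
        Write-Warning "Forest mode is $($forest.ForestMode); Windows2008R2Forest is required."
        # Report each domain's functional level and the OS of every domain controller.
        foreach ($domain in $forest.Domains) {
            $mode = (Get-ADDomain -Server $domain).DomainMode
            Write-Warning "Domain $domain is at $mode."
            Get-ADDomainController -Filter * -Server $domain |
                ForEach-Object { Write-Warning "  DC $($_.HostName): $($_.OperatingSystem)" }
        }
        return
    }

    # Enabling cannot be undone, so ask for confirmation (or honour -WhatIf).
    if ($PSCmdlet.ShouldProcess($forest.Name, 'Enable AD Recycle Bin (cannot be disabled)')) {
        $params = @{
            Identity = 'Recycle Bin Feature'
            Scope    = 'ForestOrConfigurationSet'
            Target   = $forest.Name
            Confirm  = $false
        }
        Enable-ADOptionalFeature @params
    }

    # Re-read the feature and show whether EnabledScopes is now populated.
    Get-ADOptionalFeature -Identity 'Recycle Bin Feature' |
        Select-Object Name, RequiredForestMode, EnabledScopes
}

# Dry run: shows what would be done without changing the directory.
Enable-RecycleBinIfReady -WhatIf
```

Drop -WhatIf to make the change; the function then prompts once before calling Enable-ADOptionalFeature.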