Enabling the Recycle Bin in Windows Active Directory 2008 R2
Windows Server 2008 R2 brings an improvement at the Active Directory level: the Recycle Bin ('Recycle Bin Feature'), which finally lets us recover a deleted object without losing its settings. In this document we'll see how to enable it, since by default it is not enabled if we come from an Active Directory prior to Windows 2008 R2.
Previously, deleted objects of this kind, called tombstones, could be recovered, but all the characteristics of the object were lost; only the object ID was retrieved. Now the 'Deleted' attribute is simply marked as 'True'.
The first step is to raise the functional level of the forest. Once that is done, we run the following command in the "Active Directory Module for Windows PowerShell":
Enable-ADOptionalFeature -Identity 'CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=DOMAIN,DC=DOMAIN' -Scope ForestOrConfigurationSet -Target 'FQDN_DOMINIO'
We confirm the prompt with "S" or "O" (the Yes / Yes to All keys on a Spanish-language system; "Y" or "A" on an English one).
Now, as an example of recovering an object, we delete a user.
To check whether the object is still around, we can query the deleted objects and filter so that only the one we want is returned:
Get-ADObject -Filter {DisplayName -eq "OBJECT"} -IncludeDeletedObjects
Once the filter returns only that object, we restore it by running:
Get-ADObject -Filter {DisplayName -eq "OBJECT"} -IncludeDeletedObjects | Restore-ADObject
And we will have the object fully restored with all its characteristics. If we want to recover more than one object, or do a bulk restore, we can use this script from the Microsoft website: http://technet.microsoft.com/en-us/library/dd379504%28WS.10%29.aspx
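The steps above as one script, extended to the bulk case by selecting deleted objects by their last parent OU and a time window, then previewing the restore. This is an example added here, not code from the original article or the Microsoft script it links to; the OU and the four-hour window are placeholder assumptions.

```powershell
# Added example. Requires the ActiveDirectory module and an account
# that is allowed to restore deleted objects.
Import-Module ActiveDirectory

# Assumptions (placeholders): the OU the objects were deleted from,
# and how far back to look for deletions.
$LastKnownParent = 'OU=Staff,DC=example,DC=com'
$DeletedSince    = (Get-Date).AddHours(-4)

# 1. The Recycle Bin depends on the forest functional level being raised first.
$forest = Get-ADForest
Write-Output "Forest mode: $($forest.ForestMode)"

# 2. Confirm the optional feature is enabled (EnabledScopes is empty if it is not).
$feature = Get-ADOptionalFeature -Filter 'Name -like "Recycle Bin*"'
if (-not $feature.EnabledScopes) {
    Write-Warning 'Recycle Bin Feature is not enabled in this forest.'
    return
}

# 3. Collect deleted objects whose last parent was the chosen OU.
#    whenChanged is used here as the deletion time.
$deleted = Get-ADObject -IncludeDeletedObjects -Filter 'isDeleted -eq $true' `
               -Properties lastKnownParent, whenChanged |
           Where-Object {
               $_.lastKnownParent -eq $LastKnownParent -and
               $_.whenChanged -ge $DeletedSince
           } |
           Sort-Object whenChanged -Descending

# 4. Review exactly what would come back before touching anything.
$deleted | Format-Table Name, ObjectClass, whenChanged, lastKnownParent -AutoSize

# 5. Preview the restore. Remove -WhatIf only after checking the list above.
$deleted | Restore-ADObject -WhatIf
```

Filtering on lastKnownParent and a time window keeps a bulk restore from bringing back accounts that were deleted on purpose, such as deprovisioned users.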