Active Directory Recycle Bin

Everyone should check this key feature is enabled – it’s saved me so many times.

The AD recycle bin ensures that even if you delete an object from AD, all is not lost. The default retention period for a deleted object is 180 days, and if someone hasn’t noticed you’ve deleted their account in 6 months, then they probably don’t really need it!

Just a note of caution – if you sync accounts from AD to Azure, you have 30 days to restore an account before the mailbox is gone, unless you have retention policies configured in Microsoft 365.

That being said, to enable the recycle bin:

  1. Open the Active Directory Administrative Centre
  2. Find your domain name on the left and right-click it
  3. Click ‘Enable Recycle Bin’
  4. Click OK on the pop-up message.

To restore an object, go back to the Active Directory Administrative Centre and find your domain name, then click the ‘Deleted Items’ section beneath it. Right-click the object, and click Restore. You can opt to restore it to its original location or select somewhere else.
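The same check, enable and restore steps can be done from PowerShell. This is an added example, not part of the original post; it assumes the ActiveDirectory module (RSAT) is installed and that you have rights to enable forest features, and the account name `jsmith` is a constructed placeholder.

```powershell
Import-Module ActiveDirectory

$forest  = Get-ADForest
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'

# EnabledScopes stays empty until the feature has been turned on for the forest.
if ($feature.EnabledScopes.Count -eq 0) {
    # Enabling cannot be reversed, so the confirmation prompt is kept on purpose.
    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' `
        -Scope ForestOrConfigurationSet -Target $forest.RootDomain -Confirm
} else {
    Write-Host "Recycle Bin is already enabled for $($forest.Name)"
}

# Read the retention actually configured. When msDS-DeletedObjectLifetime is
# not set, deleted objects are kept for the tombstoneLifetime value instead.
$configNC = (Get-ADRootDSE).configurationNamingContext
Get-ADObject "CN=Directory Service,CN=Windows NT,CN=Services,$configNC" `
    -Properties tombstoneLifetime, 'msDS-DeletedObjectLifetime' |
    Select-Object tombstoneLifetime, 'msDS-DeletedObjectLifetime'

# Find a deleted account by its logon name (placeholder value).
$sam = 'jsmith'
$deleted = Get-ADObject -Filter "samAccountName -eq '$sam' -and isDeleted -eq `$true" `
    -IncludeDeletedObjects -Properties lastKnownParent, whenChanged

if (-not $deleted) {
    Write-Warning "No deleted object found for '$sam'"
} else {
    # Show every match first: a reused logon name can return more than one object.
    $deleted | Select-Object Name, ObjectGUID, lastKnownParent, whenChanged

    # Restores to the original location (lastKnownParent) and prompts per object.
    # Add -TargetPath '<DN of another OU>' to restore somewhere else.
    $deleted | Restore-ADObject -Confirm
}
```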

Make sure you turn this on before you need it. I learnt the hard way…
