0

Quick Tip – How Do I View The Deleted Objects Container

Posted on by Rhoderick Milne [MSFT]

Windows Server 2008 R2 Active Directory added the AD Recycle Bin feature.  This allowed for an easier way to recover from an “oops” moment when a small number of objects were mistakenly deleted.  The option to perform an authoritative restored remains to recover from mass deletion events.  The AD Recycle Bin can be enabled via the AD Admin Centre or AD PowerShell using the Enable-ADOptionalFeature cmdlet.

A sample command to enable the feature would be:

Enable-ADOptionalFeature "Recycle Bin Feature"-Scope ForestOrConfigurationSet -Target <EnterYourForestRootDomainHere>

To verify that the AD Recycle Bin is enabled, we can view the contents of the EnabledScope output for the “CN=Recycle Bin Feature” as shown below. Since there are entries in this section, the feature was previously enabled.

Get-ADOptionalFeature -Filter *

AD Recycle Bin Previously Enaled - Note The Entries In EnabledScopes Property

For more details, please see Ned’s original post from 2009 that really explains the operation of the AD Recycle bin.

Viewing Recycle Bin Contents

We have the Restore-ADObject cmdlet to allow objects to be restored and can be used in conjunction with the Get-ADObject cmdlet to view deleted objects:

Get-ADObject -filter 'isdeleted -eq $true -and name -ne "Deleted Objects"' -includeDeletedObjects | Select Name

The objects listed here will have their attribute isDeleted is set to $TRUE.

While we can see these objects in PowerShell, the Deleted Objects Container is not visible in Active Directory Users and Computers.

In the screenshot below the Advanced View option is selected. You can not see the Deleteted Objects container.

Unable To View Deleted Objects Container in AD DS

This is the expected behaviour.

How To View Deleted Objects Container

From the legacy Windows 2008 R2 documentation, the below screenshot was taken as the docs will be deleted at some point just like the rest of TechNet…..

Displaying Deleted Objects Container

To Display The Deleted Objects Container

Use LDP.exe with an additional control flag.  The steps are noted below.

  1. To open Ldp.exe, click Start, click Run, and then type ldp.exe.
  2. On the Options menu, click Controls.
  3. In the Controls dialog box, expand the Load Predefined pull-down menu, click Return deleted objects, and then click OK.
  4. To verify that the Deleted Objects container is displayed:
  5. To connect and bind to the server that hosts the forest root domain of your AD DS environment, under Connections, click Connect, and then Bind.
  6. Click View, click Tree, and in BaseDN, type DC=<mydomain>,DC=<com>, where <mydomain> and <com> represent the appropriate forest root domain name of your AD DS environment.
  7. In the console tree, double-click the root distinguished name (also known as DN) and locate the CN=Deleted Objects, DC=<mydomain>,DC=<com> container, where <mydomain> and <com> represent the appropriate forest root domain name of your AD DS environment.

LDP Using To View Deleted Objects Container

Cheers,
Rhoderick

Rhoderick Milne [MSFT]

More Posts

Leave a Reply

Your email address will not be published. Required fields are marked *