How to restore a deleted Active Directory user account from the Active Directory Recycle Bin in Windows Server 2008 R2?


  • Can anyone instruct me on how to restore a deleted Active Directory user account from the AD Recycle Bin? I know you have to use PowerShell. I just need the proper script to get it done. Thanks.
    • Moved by Tim Quan (Moderator), Tuesday, April 05, 2011 1:13 AM (From: Backup – Windows and Windows Server)
    Monday, April 04, 2011 3:59 PM


All replies

  • Hello,

    So AD Recycle Bin is enabled in the domain, otherwise it will not work?

    See here about using AD recycle bin:

    In your case for the deleted object:

    Best regards Meinolf Weber Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Tuesday, April 05, 2011 6:17 AM
  • The permission required is enterprise admin & domain admin membership to recover deleted objects.

    AD recycle bin object restore step by step.

    You can use PowerGUI tool to recover deleted object from AD recycle Bin.

    For authoritative restore, you need valid system state backup.



    Awinish Vishwakarma| MY Blog

    Disclaimer: This posting is provided AS-IS with no warranties or guarantees and confers no rights.

    Tuesday, April 05, 2011 6:38 AM
  • How can I restore all objects in an OU using the AD Module for Windows PowerShell?


    In OU "Enterprise" there are some users, and in OU "Enterprise" there are two other OUs, "Branch01" and "Branch02".

    Which command do I have to use?

    get-adobject ......

    Fernando | Analista de Redes

    Wednesday, May 15, 2013 8:54 PM
  • Hi Fernando,

    First of all, please let me know whether you have deleted the two OUs or only the objects within that OU.

    If you have deleted only the objects within that OU, and you are trying to restore all the objects from OU "Enterprise" as well as OUs "Branch01" and "Branch02" at the same time, please read the explanation below.

    All the deleted objects in Active Directory are stored within the Deleted Objects container (in case of the Recycle Bin feature turned OFF).

    The Deleted Objects container displays all logically deleted objects in a flat hierarchy as its direct children, so it will not have the same hierarchical model as you had in Active Directory. In this case, if you want to restore all the deleted objects within an OU, you just have to add a filter to the Get-ADObject cmdlet that specifies the lastKnownParent of the objects to be restored.

    In your case, if you want to restore the objects within the "Enterprise" OU, then the lastKnownParent value of the objects within that OU is "Enterprise" (the OU from which the user account was deleted).


    Get-ADObject -SearchBase "CN=Deleted Objects,DC=Domain,DC=com" -Filter {lastKnownParent -eq "OU=Enterprise,DC=Domain,DC=com"} -IncludeDeletedObjects | Restore-ADObject

    • Proposed as answer by Krish Mural Friday, July 12, 2013 6:59 AM
    Thursday, July 11, 2013 4:22 AM
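
Added example, not part of the original replies: a sketch of the lastKnownParent approach from the answer above that previews the deleted direct children of an OU and, when run without -WhatIf, restores them and then descends into each restored OU (the Branch01/Branch02 case). The function name Restore-DeletedChildren is hypothetical, the DN is the placeholder used in the thread, and it assumes the AD Recycle Bin was enabled before the objects were deleted.

```powershell
# Added example, not code from the thread. Needs the ActiveDirectory module.
Import-Module ActiveDirectory

function Restore-DeletedChildren {   # hypothetical helper name
    [CmdletBinding(SupportsShouldProcess = $true)]
    param(
        # DN of a live parent, e.g. the thread's placeholder
        # "OU=Enterprise,DC=Domain,DC=com".
        [Parameter(Mandatory = $true)][string]$ParentDN
    )

    # Ask the domain for the container instead of hard-coding its DN.
    $deletedRoot = (Get-ADDomain).DeletedObjectsContainer

    # Direct children only: lastKnownParent is matched against one exact DN.
    $children = Get-ADObject -SearchBase $deletedRoot -IncludeDeletedObjects `
        -Filter "lastKnownParent -eq '$ParentDN'" `
        -Properties lastKnownParent, 'msDS-LastKnownRDN', whenChanged

    foreach ($child in $children) {
        $name = $child.'msDS-LastKnownRDN'
        Write-Verbose "$($child.ObjectClass) '$name', changed $($child.whenChanged)"

        if (-not $PSCmdlet.ShouldProcess("$name under $ParentDN", 'Restore')) {
            continue   # -WhatIf or declined -Confirm: report only
        }
        try {
            $child | Restore-ADObject -Confirm:$false -ErrorAction Stop
            # objectGUID survives deletion, so use it to read the restored DN.
            $restored = Get-ADObject -Identity $child.ObjectGUID -ErrorAction Stop
        } catch {
            Write-Warning "Could not restore '$name': $_"
            continue
        }

        # A restored OU or container is a valid parent again, and its deleted
        # children now list its restored DN as lastKnownParent: descend.
        if ('organizationalUnit', 'container' -contains $restored.ObjectClass) {
            Restore-DeletedChildren -ParentDN $restored.DistinguishedName
        }
    }
}

# Preview first; drop -WhatIf once the list looks right.
Restore-DeletedChildren -ParentDN 'OU=Enterprise,DC=Domain,DC=com' -WhatIf -Verbose
```

With -WhatIf only the first level is listed, because children of a still-deleted OU are found only after that OU has been restored.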
  • I need to restore one deleted object under OU=Users. The LDP does not show the original name of the deleted object, Albany CR, in the Deleted Objects OU.

    I tried this command just to list the deleted objects in Users, and it did not display any entries (no errors):

    PS C:\Windows\system32> Get-ADObject -searchbase "CN=Deleted Objects,DC=obg,DC=corp" -filter {lastKnownParent -eq "OU=Users,DC=obg,DC=corp"} -IncludeDeletedObjects

    PS C:\Windows\system32>

    Am I doing this incorrectly?

    Lou H.

    Wednesday, January 22, 2014 7:01 PM
  • Here is an equivalent to what you have above, using an LDAP filter instead. msds-lastknownrdn is the attribute identifier that will ensure you only get deleted items. FYI, if you are looking for a single object, assuming it's a group, user or other object with a pre-Win2000 name, you can edit the LDAP filter to look just for it (second example).

    get-adobject -LDAPFilter "(&(msds-lastknownrdn=*)(lastknownparent=OU=Users,DC=obg,DC=corp))" -IncludeDeletedObjects

    get-adobject -LDAPFilter "(&(msds-lastknownrdn=*)(samaccountname=Albany CR))" -IncludeDeletedObjects

    Thursday, February 26, 2015 10:18 PM