参考这篇博文(配置Windows 2008 R2活动目录回收站),成功启用AD回收站,
实验结果总结:用LDP.exe工具启用跟还原都不成功,用Power shell命令成功,步骤如下:
1、启用回收站命令
Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=CONTOSO,DC=com‘ –Scope ForestOrConfigurationSet –Target ‘contoso.com‘
2、查看回收站状态
get-adoptionalfeature -filter {name -like "*"}
3、查看对象状态
Get-ADObject -SearchScope subtree -Filter {name -like "*"} -IncludeDeletedObjects
或者Get-ADObject -SearchScope subtree -Filter {name -like "*user1*"} -IncludeDeletedObjects
作个删除操作,把user1用户帐号删除掉。
~~删除前:
Deleted :
DistinguishedName : OU=test,DC=contoso,DC=com
Name : test
ObjectClass : organizationalUnit
ObjectGUID : 610b87d9-77e4-48be-8b1d-dbd58ca9d7c8
Deleted :
DistinguishedName : CN=user1,OU=test,DC=contoso,DC=com
Name : user1
ObjectClass : user
ObjectGUID : 7b24079e-06a8-4d98-9566-e9e9454676c6
~~删除后:
Deleted : True
DistinguishedName : OU=test\0ADEL:610b87d9-77e4-48be-8b1d-dbd58ca9d7c8,CN=Delet
ed Objects,DC=contoso,DC=com
Name : test
DEL:610b87d9-77e4-48be-8b1d-dbd58ca9d7c8
ObjectClass : organizationalUnit
ObjectGUID : 610b87d9-77e4-48be-8b1d-dbd58ca9d7c8
Deleted : True
DistinguishedName : CN=user1\0ADEL:7b24079e-06a8-4d98-9566-e9e9454676c6,CN=Dele
ted Objects,DC=contoso,DC=com
Name : user1
DEL:7b24079e-06a8-4d98-9566-e9e9454676c6
ObjectClass : user
ObjectGUID : 7b24079e-06a8-4d98-9566-e9e9454676c6
4、还原删除的容器或OU或用户:
(如果有一个包含用户的OU需要还原,必须先还原OU,然后再还原用户)
Restore-ADobject -Identity 610b87d9-77e4-48be-8b1d-dbd58ca9d7c8
Restore-ADobject -Identity 7b24079e-06a8-4d98-9566-e9e9454676c6
还原成功,Ou Yeh!
本文出自 “繁星点点” 博客,请务必保留此出处http://fanxing.blog.51cto.com/189800/1954789
原文地址:http://fanxing.blog.51cto.com/189800/1954789
