- At least one domain controller running Windows 2012 Server.
- Forest Functional Level at Windows 2008 R2.
- The recycle bin feature must be enabled.
A message informs us that the change is irreversible: we cannot disable the Recycle Bin once enabled:
We then must restart ADAC:
Note: if the FFL was not at Windows 2008 R2 (or above) we could not enable the Recycle Bin. The option would be grayed out:
So, I delete user Aisha Bhari:
On the partner domain controller (a Windows 2008 R2 server), I verify that replication has taken place and that the user has indeed been deleted:
Restoring the user is rather simple. Enabling the Recycle Bin creates a new container in ADAC: Deleted Objects. If we want to restore an object, we open this container and find the object in question:
We right-click on the object and select restore:
We have a second option as well: Restore To
This can be used if we want to restore the object to a different container, perhaps if the original container no longer exists:
The results are immediate on the Windows 2012 server and almost immediate on the Windows 2008 R2 server as well. Replication does its work and Aisha Bhari is back:
Even better (as with the authoritative restore in the previous blog post), group membership is re-established: