Error Enabling Active Directory Recycle Bin
Contents |
(עברית)المملكة العربية السعودية (العربية)ไทย (ไทย)대한민국 (한국어)中华人民共和国 (中文)台灣 (中文)日本 (日本語) HomeWindows Server 2012Windows Server 2008 R2Windows Server 2003LibraryForums Ask a question Quick access Forums home Browse forums users FAQ Search related threads Remove From enable adoptionalfeature error My Forums Answered by: error enabling the AD Recycling Bin via enable active directory recycle bin 2012 r2 Enable-ADOptionalFeature Windows Server > Directory Services Question 0 Sign in to vote I have a single enable active directory recycle bin 2008 r2 domain in a forest. Here are the steps I performed using this MS link (http://technet.microsoft.com/en-us/library/dd379481%28WS.10%29.aspx): 1) Verifed via AD Domains and Trusts that both domain and forest how to enable active directory recycle bin in windows server 2008 functional levels are at W2K8R2. I did not run the Set-ADForestMode cmdlet because my forest function level is already at W2K8R2. 2) Verified via netdom that the DC I'm logged onto is the "Domain naming master" >netdom query fsmo Schema master dc1.ts.grp Domain naming master dc1.ts.grp PDC dc1.ts.grp RID pool manager dc1.ts.grp Infrastructure
Enable Recycle Bin Active Directory Greyed Out
master dc1.ts.grp The command completed successfully. 3) launched powershell and imported the active directory powershell module > import-module activedirectory 4) my domain name is ts.grp, executed the Enable-ADOptionalFeature command > Enable-ADOptionalFeature -Identity `CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Servic e,CN=Windows NT,CN=Services,CN=Configuration, DC=ts,DC=grp' -Scope ForestOrConfigurationSet -Target `ts.grp' WARNING: Enabling 'Recycle Bin Feature' on 'CN=Partitions,CN=Configuration,DC=ts,DC=grp' is an irreversible action! You will not be able to disable 'Recycle Bin Feature' on 'CN=Partitions,CN=Configuration,DC=ts,DC=grp' if you proceed. Confirm Are you sure you want to perform this action? Performing operation "Enable" on Target "Recycle Bin Feature". [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): Y Enable-ADOptionalFeature : A referral was returned from the server At line:1 char:25 + Enable-ADOptionalFeature <<<< -Identity `CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration, DC=ts,DC=grp' -Scope ForestOrConfigurationSet -Target `ts.grp' + CategoryInfo : NotSpecified: (CN=Recycle Bin ...n, DC=es,DC=grp:ADOptionalFeature) [Enable-ADOptionalFe ature], ADException + FullyQualifiedErrorId : A referral was returned from the
returned by the server” is received when enabling AD Recycle Bin.SOLUTION:Complete the following: 1. Validate that the user credentials being used are a member, at
Powershell Enable Active Directory Recycle Bin
a minimum, of the Schema Admins group. 2. Ensure the change active directory recycle bin restore is occurring on the Schema Master flexible single master operations (FSMO) role holder domain controller (DC). a. Open active directory recycle bin retention time an elevated command prompt. i. Server 2008 R2 - At the Windows desktop Start menu, navigate to All Programs, click on Accessories to expand, right-click Command Prompt and select 'Run https://social.technet.microsoft.com/Forums/windowsserver/en-US/537bee93-8e5c-41dc-addf-e7e7882581f8/error-enabling-the-ad-recycling-bin-via-enableadoptionalfeature?forum=winserverDS as administrator'. ii. Server 2012 and later - Press the Windows key + Q, and type 'cmd' in the 'search' box. Right-click on the 'command prompt' icon when displayed, and select 'run as administrator' from the menu. b. Type 'netdom query fsmo' and press Enter. Note the server name returned as holding the Schema Master role. 3. If the aforementioned http://www.dell.com/support/article/us/en/19/SLN286001 measures are in place, check to see if the Schema Master role is running on the same DC as the Domain Naming Master FSMO role. If it is not, temporarily consolidate these roles to the same DC and enable the feature from there.ADDITIONAL INFORMATION:Starting with Windows 2008 R2, AD Recycle Bin is a feature of the forest functional level, meaning that it must be enabled on a forest-level DC holding the appropriate FSMO role. The appropriate forest-level administrative privileges (Schema Admins or Enterprise Admins groups) are required to enable the feature. The above referenced error indicates insufficient rights or a FSMO configuration issue. For further information please refer to the following link:http://technet.microsoft.com/en-us/library/dd379484%28v=ws.10%29.aspx Quick Tips content is self-published by the Dell Support Professionals who resolve issues daily. In order to achieve a speedy publication, Quick Tips may represent only partial solutions or work-arounds that are still in development or pending further proof of successfully resolving an issue. As such Quick Tips have not been reviewed, validated or approved by Dell and should be used with appropriate caution. Del
LyncMicrosoft Lync 2010Microsoft Lync 2013Office 365Office 365 IssuesOffice 365 MigrationOffice 365 PowerShellPowerShellPowerShell BasicsPowerShell ScriptsSAN/StorageHP Storage SystemsNetappStorSimpleServersCisco UCSConfiguring Cisco UCS Blade SystemsHP ServersWindows GeneralWindows Server 2012Windows Server CoreSystems CenterSystem Center Updates PublisherSystems Center Configuration http://pipe2text.com/?page_id=579 Manager (SCCM)SCCM ScriptsSCCM Setup and ConfigurationVirtualizationVMwareVMWare Issues - Break FixVmware ScriptsVMware Setup and ConfigurationWindows AzureWindows Azure Powershell Scripts Enabling the Active Directory Recycle Bin using PowerShell Hi http://www.technig.com/how-to-enable-active-directory-recycle-bin/ All, The accidental deletion of an Active Directory object or objects can cause downtime for end users and a great deal of work for the IT department. A really nice feature active directory that was added into Active Directory with Windows 2008 R2 is the Active Directory Recycle bin. This will allow you to restore objects such as users and computers in a timely manner. The recovered objects will retain all of their attributes and backlinks without having to do an authoritative restore. The requirement for enabling the Active Directory active directory recycle Recycle Bin is that you will need to be running at a Windows 2008 R2 Forest Functional level. What this means is that every Domain Controller in the Forest is running Windows 2008 R2 and you have raised the Forest Functional Level to Windows 2008 R2. In Windows 2008 R2, you do have the ability to lower the Functional level back to a Windows 2008 functional level if you have NOT enabled the AD Recycle Bin yet. Enabling the AD Recycle Bin is an irreversible change and once it is enabled you can not lower the Forest Functional level back to Windows 2008. Follow the steps below to enable the recycle bin. 1. Log on to the Domain Controller in your forest that host the Domain Naming Master FSMO role with an account that has Enterprise Admin rights. 2. Open PowerShell as administrator and add the Active Directory Module by typing the following command: Import-Module ActiveDirectory 3. After the module is loade
Active Directory Recycle Bin Using PowerShell? Posted in Articles, MCSA, Servers • 2 years ago • Written by Shais • No CommentsIn Windows Server 2008 R2 by default the Active Directory Recycle bin is disabled. You can' not recover the deleted objects without Active Directory Recycle bin enabled. If you want to secure Active Directory environment from deletion of nonrecoverable objects, first should enable AD Recycle bin. To perform this action the AD forest functional level must set to Windows Server 2008 R2.Enable Active Directory Recycle Bin with PowerShell.Let's do it step by step with recommended method of Microsoft using Windows Power Shell command. To do so run PowerShell and import Active Directory module. Type ‘Import-Module activedirectory' and press enter like screenshot.Import Active Directory Module in Windows PowerShellNow type the following PowerShell command to enable Recycle Bin in active directory.Enable-ADOptionalFeature -Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,dc=one,dc=local' -Scope ForestOrConfigurationSet -Target one.localEnable Active Directory Recycle BinDo it the same as screenshot and type Y in order to accept it.Note: Remember this action is not reversible, you cant not disable it once you have been enabled in active directory environment.So good, the Active Directory Recycle Bin has been enabled successfully. The next step is to know how to recover deleted objects.Recover Deleted Objects of Active Directory Using PowerShellTo recover the deleted objects you must see the list of deleted objects with ‘Get-ADObject‘ PowerShell Command. Type the following command to display all removed objects.Get-ADObject -Filter {(isdeleted -eq $true) -and (name -ne "Deleted Objects")} -includeDeletedObjectsDisplay Deleted Active Directory ObjectsYou see the deleted active directory objects. Now you can restore it with ‘Restore-ADObject‘ command.Now try to restore with the below command.Get-ADObject -Filter {(isdeleted -eq $true) -and (name -ne "Deleted Objects")} -includeDeletedObjects | Restore-ADObjectRestore Deleted Objects In Active Directory Wind