Active Directory Recycle Bin

Focus: Active Directory Recycle Bin

 Active Directory Recycle Bin

 This is a new feature of Windows 2008 R2 which is disabled by default. This feature will be available only if your forest functional level is Windows 2008 R2 and above. Once you enable this feature, it cannot be disabled.

 How to enable?

  • There is no GUI to enable AD recycle bin
  • Open powershell execute the below:
    • Import-Module ActiveDirectory
    • Enable-ADOptionalFeature -Identity "Recycle Bin Feature" -Scope ForestOrConfigurationSet -Target "globomantics.local" -whatif


What makes AD Recycle Bin special ?

Normal Deletion process : An object is deleted, it is moved to Deleted Objects container after changing the object attribute IsDeleted to True (Tombstoning). Most of the attributes of the object will be striped off at this point. The striped off object could be retained during TSL and will be deleted permanently after TSL.

AD Recycle Bin process :  All the above process stands correct for AD recycle bin as well but except the attribute striping. When an AD object is deleted with recycle bin enabled, the system preserves all of the object's attributes.

In short, if you want the  attributes of the deleted objects to be available after tombstone reanimation, enable AD recycle Bin.

AD Recycle Bin process
  • An object has been removed from AD and it is now 'logically deleted' from AD
  • The deleted object is moved to Deleted Objects container and will remain in the container throughout the duration of the Deleted object lifetime. Within this period the object can be recovered using AD recycle bin or authoritative restore
  • After the deleted object lifetime period, the logically deleted object will become recycled object (which is same as a Tombstoned object).
  • The recycled object will remain in Deleted Container until the Recycled object lifetime expires after which the object will be physically deleted with the help of garbage collection process.

Comments

Post a Comment

Popular posts from this blog

VMware and Windows Interview Questions: Part 2

Image
VMware and Windows Interview Questions: Part 1 VMware and Windows Interview Questions: Part 2 VMware and Windows Interview Questions: Part 3 VMware and Windows Interview Questions: Part 4 VMware and Windows Interview Questions: Part 5 VMware and Windows Interview Questions: Part 6 VMware and Windows Interview Questions: Part 7 VMware and Windows Interview Questions: Part 8 Follow this link for scenario based VMware interview questions. Maximum number of LUNs that can be attached to a host (ESXi 5.0) 256 Maximum number of vCPUs that can be assigned to a VM (ESXi 5.0) 32
Deep dive »

VMware and Windows Interview Questions: Part 3

What is vSAN ? It is a hypervisor-converged storage solution built by aggregating the local storage attached to the ESXi hosts managed by a vCenter.  Recommended iSCSI configuration? A separate vSwitch, and a separate network other than VMtraffic network for iSCSI traffic. Dedicated physical NICs should be connected to vSwitch configured for iSCSI traffic. What is iSCSI port binding ? Port binding is used in iSCSI when multiple VMkernel ports for iSCSI reside in the same broadcast domain and IP subnet, to allow multiple paths to an iSCSI array that broadcasts a single IP address.
Deep dive »

VMware vMotion error at 14%

Issue While performing vMotion, the operation fails at 14% with the below error : A general system error occurred: Migrtion to host <Destination ESXi IP> failed with erro Connection closed by remote host, possibly due to timeout (0xbad003f). Migrate virtual machine:A general system error occurred: Migration to host <Destination ESXi IP> failed with error Connection closed by remote host, possibly due to timeout (0xbad003f). vMotion migration [-1062729272:1406020861428172] (19-71629048648008) failed to receive...  Scenarios Scenario 1: Your management network and vmotion network are in the same subnet using the same physical NIC.
Deep dive »