0

I have used the following commands to enable recycle bin:

```powershell
$ForestName = (Get-ADDomain).Forest
Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target $ForestName -Confirm:$false
```

The command ran successfully, but a "Deleted Objects" container was not created.

As a test, I created a user, waited for it to be synced to all DCs, and then deleted it. Even then, no Deleted Objects container was created.

`(Get-ADDomain).DeletedObjectsContainer` returns "CN=Deleted Objects,DC=domain,DC=com" (which doesn't exist).

The forest level is 2016, and all DCs are Windows Server 2022 (freshly installed).

What should I have done differently and how can I fix this?

Zulakis
  • Are you looking in the Active Directory Administrative Center? Show the output of **Get-ADOptionalFeature -Filter 'name -like "Recycle Bin Feature"'** – joeqwerty Jun 09 '22 at 16:27

1 Answer

0

I found that the Deleted Objects container does indeed exist, but it is not shown in the AD Users MMC Snap-In nor in the ADSI Snap-In.

Items in the container can be listed using:

```powershell
Get-ADObject -SearchBase ((Get-ADDomain).DeletedObjectsContainer) -Filter "*" -IncludeDeletedObjects
```

I think the reason that the container is not shown is that it is itself marked as deleted.

I have no idea why that is the case, but knowing that at least solved this riddle for me.

Zulakis
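
A fuller verification pass, as an added example that is not part of the original question or answer: it confirms the feature is enabled, reads the container's own `isDeleted` flag, lists what the Recycle Bin holds, and dry-runs a restore. It assumes the ActiveDirectory module is installed; `testuser` is a hypothetical account name.

```powershell
# Added example, not from the original post. Requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

# 1. Confirm the optional feature is enabled. EnabledScopes is empty when it is not.
$feature = Get-ADOptionalFeature -Filter 'Name -eq "Recycle Bin Feature"'
if (-not $feature.EnabledScopes) {
    throw 'Recycle Bin Feature is not enabled in this forest.'
}
$feature.EnabledScopes

# 2. Read the container object itself. It carries isDeleted = TRUE, so it is only
#    returned when deleted objects are explicitly requested.
$container = (Get-ADDomain).DeletedObjectsContainer
Get-ADObject -Identity $container -IncludeDeletedObjects -Properties isDeleted |
    Select-Object DistinguishedName, isDeleted

# 3. List the deleted objects directly under the container, newest first,
#    with the original name and parent needed to judge a restore.
Get-ADObject -SearchBase $container -SearchScope OneLevel -IncludeDeletedObjects `
    -Filter 'isDeleted -eq $true' `
    -Properties 'msDS-LastKnownRDN', lastKnownParent, whenChanged |
    Sort-Object whenChanged -Descending |
    Select-Object 'msDS-LastKnownRDN', ObjectClass, lastKnownParent, whenChanged

# 4. Dry-run a restore of one object. -WhatIf reports the action without performing it;
#    remove it to restore the object to its lastKnownParent.
$name = 'testuser'   # hypothetical account name used for the test deletion
Get-ADObject -SearchBase $container -IncludeDeletedObjects `
    -LDAPFilter "(msDS-LastKnownRDN=$name)" |
    Restore-ADObject -WhatIf
```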