AD Recycle Bin

Members of this group can recover deleted objects from the Active Directory, just like in a recycle bin for files, when the feature is enabled. These objects can sometimes have interesting properties.

1) Enumerate deleted objects

To find all the deleted objects and their properties:

Get-ADObject -filter 'isdeleted -eq $true -and name -ne "Deleted Objects"' -includeDeletedObjects -property *

To focus on one object:

Get-ADObject -filter { SAMAccountName -eq "user1" } -includeDeletedObjects -property *

To find the last deleted object:

Get-ADObject -ldapFilter:"(msDS-LastKnownRDN=*)" - IncludeDeletedObjects

2) Restore an object

 Get-ADObject -Filter {displayName -eq "user1"} IncludeDeletedObjects | Restore-ADObject