# Import Server Manager Import-Module ServerManager Import-Module ActiveDirectory # Install all Windows Server Backup features Get-WindowsFeature *back* | Add-WindowsFeature # Check the Forest Functional Level Get-ADForest | fl ForestMode # Check which AD Optional Features are enabled Get-ADOptionalFeature -filter * | fl name # Enable the AD Recycle Bin Enable-ADOptionalFeature –Identity ` ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=AD,DC=contoso,DC=com’ ` –Scope ForestOrConfigurationSet –Target ‘ad.contoso.com’ # Delete a single user Get-ADUser -ldapfilter "(samaccountname=howarad)" | Remove-ADUser -confirm:$false # Confirm the user is deleted Get-ADObject -LDAPFilter "(sAMAccountName=howarad)" -IncludeDeletedObjects # Recover the user using the AD Recycle Bin Restore-ADObject -id 6e84cfe5-bacf-4844-aa87-6be43e1d6f6a # Confirm the user is restored Get-ADUser -ldapfilter "(samaccountname=howarad)" # Delete an OU and child contents Get-ADOrganizationalUnit -LDAPFilter "(ou=VIPs)" | Remove-ADOrganizationalUnit -Recursive -Confirm:$false # Restore the OU (just the OU) Get-ADObject -LDAPFilter "(&(objectclass=organizationalunit)(msDS-LastKnownRDN=VIPs))" -includedeletedobjects | Restore-ADObject # Restore the child ojbects within the OU Get-ADObject -LDAPFilter "(&(objectClass=user)(LastKnownParent=OU=VIPs,OU=_Contoso,DC=ad,DC=contoso,DC=com))" -includedeletedobjects | Restore-ADObject # Backup all GPOs