When you’re having a Bad Day pic.twitter.com/OKRQlKKNpM
— SwiftOnSecurity (@SwiftOnSecurity) January 19, 2020
Hope you enabled your Active Directory recyle bin. It’s not enabled by default but it’s a lifesaver! Enabling that is first thing I do after I get AD running, and it turns a two-day hell process if you make this mistake into a two minute “Oops, I shouldn’t have done that,” then click a few buttons and all is well again.
Here’s how to enable it on Server 2016 and above. Highly recommended. This is why paying me big bucks is worth it. I know this (and many, many other things like it) exists and I will enable it when I set your infrastructure up. In the future, when some Jr. Sysadmin inevitably makes a mistake like this, your company has no downtime instead of 2-3 days of it. Makes paying me $100+ an hour a huge bargain.