From 1007d6dac777c7ed5cb469a70b27a26ffe3aa767 Mon Sep 17 00:00:00 2001
From: silversword411 <github.com@datmail.com>
Date: Tue, 16 Mar 2021 11:39:44 -0400
Subject: [PATCH] Adding AD Recycle Bin script

Check and Enable AD Recycle Bin
---
 api/tacticalrmm/scripts/community_scripts.json |  7 +++++++
 scripts/AD_Check_And_Enable_AD_Recycle_Bin.ps1 | 17 +++++++++++++++++
 2 files changed, 24 insertions(+)
 create mode 100644 scripts/AD_Check_And_Enable_AD_Recycle_Bin.ps1

diff --git a/api/tacticalrmm/scripts/community_scripts.json b/api/tacticalrmm/scripts/community_scripts.json
index f2aefea4..9782b09b 100644
--- a/api/tacticalrmm/scripts/community_scripts.json
+++ b/api/tacticalrmm/scripts/community_scripts.json
@@ -222,5 +222,12 @@
         "name": "Chocolatey Update Installed Apps",
         "description": "Update all apps that were installed using Chocolatey.",
         "shell": "cmd"
+    },
+    {
+        "filename": "AD_Check_And_Enable_AD_Recycle_Bin.ps1",
+        "submittedBy": "https://github.com/silversword411",
+        "name": "AD - Check and Enable AD Recycle Bin",
+        "description": "Only run on Domain Controllers, checks for Active Directory Recycle Bin and enables if not already enabled",
+        "shell": "powershell"
     }
 ]
diff --git a/scripts/AD_Check_And_Enable_AD_Recycle_Bin.ps1 b/scripts/AD_Check_And_Enable_AD_Recycle_Bin.ps1
new file mode 100644
index 00000000..eef071ed
--- /dev/null
+++ b/scripts/AD_Check_And_Enable_AD_Recycle_Bin.ps1
@@ -0,0 +1,17 @@
+#Please only run on a domain controller
+#This script will first check if there are any AD Recycle Bin scopes set up - if there are no scopes it is assumed recycle bin feature is not enabled for the domain
+#The script then pulls the domain that the machine running the script is on - queries the domain for the Infrastructure Master and then will attempt to enable the feature
+
+$adRecycleBinScope = Get-ADOptionalFeature -Identity 'Recycle Bin Feature' | Select -ExpandProperty EnabledScopes
+$ADDomain = Get-ADDomain | Select -ExpandProperty Forest
+$ADInfraMaster = Get-ADDomain | Select-Object InfrastructureMaster
+
+if ($adRecycleBinScope -eq $null){
+    Write-Host "Recycle Bin Disabled"
+    Write-Host "Attempting to enable AD Recycle Bin"
+    Enable-ADOptionalFeature -Identity 'Recycle Bin Feature' -Scope ForestOrConfigurationSet -Target $ADDomain -Server $ADInfraMaster.InfrastructureMaster -Confirm:$false
+    Write-Host "AD Recycle Bin enabled for domain $($ADDomain)"
+}
+else{
+    Write-Host "Recycle Bin already Enabled For: $($ADDomain)`n Scope: $($adRecycleBinScope)"
+}
\ No newline at end of file