Tombstone
is a container object that contains the deleted objects from Active Directory. When
an object is deleted from Active Directory, it is not physically removed from
the Active Directory up to few days. The tombstones cannot be accessed through MMC
Microsoft Management Console or Windows
Directories, Active Directory sets is Deleted attribute of the deleted object
to TRUE and move it to a special container called Tombstone, knows as
CN=Deleted Objects. The default set value for tombstone lifetime attribute is
60 days, you can extend this value if required, and lifetime value is kept
longer than the expected. The tombstone lifetime attribute remains same on all
the domain controllers and it is deleted from all the servers at the same time.
Tombstone Lifetime Attribute Can be Changed in Three Ways
1.Using ADSIEdit tool
2.LDIF file
3.VBScript
Tombstone Lifetime Attribute Can be Changed in Three Ways
1.Using ADSIEdit tool
2.LDIF file
3.VBScript