How to change tombstonelifetime value

If we delete an object from the active directory, it does not delete the object from the active directory permanently. Active directory sets the attribute isDeleted for deleted object and move it to on CN=Deleted Objects container. The Deleted objects are called as tombstone.

Server Editions Tombstonelifetime
Windows 2000 server 60 days
windows 2003 server 60 days
windows 2003 server sp1 180 days
windows 2003 r2 sp1 60 days
windows 2003 r2 sp2 180 days
windows 2008 server 180 days

Steps to change the tombstone lifetime value.

Step 1:  Open the Adsieditor

Execute the adsiedit.msc command .

Step 2: Click the Configuration partition in ADSI editor

Step 3:  Click the CN=services in configuration partition

Step 4: Click the CN=windows nt and then right click the CN=Directory service, choose and click properties.

Step 5:  Now we can see the directory service attributes. From there choose the tombstoneLifetime and modify it.

modify the value

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: