| |
What are tombstone objects?
Because of Windows 2000’s and Active Directory’s (AD’s) complex
replication, if you simply delete an object, Win2K’s replication algorithm
might recreate the object at the next replication interval. Thus, AD marks
deleted objects with tombstones.
Win2K deletes tombstone objects 60 days after their original tombstone status
setting. To change this default time (which I don’t recommend), modify the
tombstonelifetime setting under the
cd=DirectoryServices,cn=WindowsNT,cn=Services,cn=Configuration,dc=DomainName
parameter.
Security FAQ
Windows Privacy Tools - http//www.privacywindows.com
| |
