Tombstone Operations

Tombstone Lifetime

Objects deleted from the enterprise directory are not physically deleted for a certain period of time. Instead, each object's isDeleted attribute is set to TRUE and the object is moved to the deleted objects section.

After a specified time period, the deleted object is removed on all servers as the change replicates among the domain servers.


Tombstone Lifetime: The number of days before a deleted object is completely removed from directory services. After this period, the deleted object is permanently removed.


If the Recycle Bin is activated, the deleted objects in the enterprise directory are first transferred to the deleted objects section so that they can be restored when necessary.


If the recycle bin module is enabled in the enterprise directory and msDS-DeletedObjectLifetime is not set, the physical deletion time of the objects becomes twice the tombstone lifetime, because msDS-DeletedObjectLifetime then takes the value of the tombstone lifetime.

If the msDS-DeletedObjectLifetime is specified, the physical deletion time will be msDS-DeletedObjectLifetime + tombstone lifetime.


The tombstone lifetime must be longer than the replication delay between domain controllers.
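The rules above can be turned into a purge schedule for the objects currently in the deleted objects section. The following is an added example, not SambaBox code: the function names, the LDIF sample (constructed, with simplified plain-text DNs) and the use of whenChanged as the deletion time are assumptions.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample: ldbsearch-style LDIF with simplified, plain-text DNs.
SAMPLE_LDIF = """\
dn: CN=alice,CN=Deleted Objects,DC=example,DC=com
isDeleted: TRUE
whenChanged: 20240101000000.0Z

dn: CN=bob,CN=Deleted Objects,DC=example,DC=com
isDeleted: TRUE
whenChanged: 20240601000000.0Z

dn: CN=carol,CN=Users,DC=example,DC=com
whenChanged: 20240601000000.0Z
"""

def retention_days(tombstone_lifetime, recycle_bin=False, deleted_object_lifetime=None):
    """Days from logical deletion to physical removal, per the rules above."""
    if tombstone_lifetime <= 0:
        raise ValueError("tombstone lifetime must be a positive number of days")
    if not recycle_bin:
        return tombstone_lifetime
    if deleted_object_lifetime is None:      # msDS-DeletedObjectLifetime not set
        return 2 * tombstone_lifetime
    return deleted_object_lifetime + tombstone_lifetime

def parse_deleted(ldif):
    """Yield (dn, timestamp) for every entry flagged isDeleted: TRUE."""
    for block in ldif.strip().split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in block.splitlines() if ": " in l)
        if attrs.get("isDeleted") == "TRUE":
            # Assumption: whenChanged approximates the time of deletion.
            when = datetime.strptime(attrs["whenChanged"], "%Y%m%d%H%M%S.0Z")
            yield attrs["dn"], when.replace(tzinfo=timezone.utc)

def purge_schedule(ldif, now, tombstone_lifetime, recycle_bin=False,
                   deleted_object_lifetime=None, replication_delay_days=0):
    """Return (dn, purge_date, overdue) per deleted object."""
    if tombstone_lifetime <= replication_delay_days:
        raise ValueError("tombstone lifetime must exceed the replication delay")
    keep = timedelta(days=retention_days(tombstone_lifetime, recycle_bin,
                                         deleted_object_lifetime))
    return [(dn, t + keep, t + keep <= now) for dn, t in parse_deleted(ldif)]

if __name__ == "__main__":
    now = datetime(2024, 7, 15, tzinfo=timezone.utc)
    for dn, purge, overdue in purge_schedule(SAMPLE_LDIF, now, 180):
        print(purge.date(), "OVERDUE" if overdue else "pending", dn)
```

An entry marked overdue has passed its physical deletion date but is still present in the directory; reviewing that list before any early deletion shows which records, and how much restore time, would be lost.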

Editing Tombstone Lifetime

To set tombstone lifetime in SambaBox, enter a value in days and press the [Save] button.

Tombstone Expunge

In some cases, objects whose tombstone lifetime has expired may not have been physically deleted, or it may be necessary to physically delete objects before the waiting period ends.

  • To physically delete logically deleted objects based on a specific tombstone lifetime, enter the value in days on the Tombstone Delete screen and press the [Delete Records] button.

  • Check the All box on the Tombstone Delete screen and press the [Delete Records] button to physically delete all logically deleted objects immediately.