Send Knowledge Base Article
The article has been sent to your inbox successfully.
We never share your data
What is "tombstoneLifetime" attribute and what is it used for?
KB1063 | Last review: Jul 13, 2017 | Netwrix Auditor for Active Directory | All versions
|Question||I changed the Repository retention period and console asks me to change the attribute "tombstoneLifetime", why?|
|Answer||You can restore deleted Active Directory objects and their attributes using the Active Directory Object Restore tool integrated with Netwrix Auditor. The tool finds the information on deleted objects in the product snapshots (this data is stored in the Audit Archive, a local file-based storage of audit data), and in AD tombstones. To be able to restore deleted AD objects, you must adjust the AD tombstone lifetime property (set by default to 60 days in Windows 2003 and to 180 in Windows 2008 and above) so that it complies with the Audit Archive retention period (2 years by default). For example, if you change both values to 365 days, you will only be able to restore objects that were deleted within this period.
To adjust the tombstone lifetime property value, perfrom the following steps:
NOTE: To perform this procedure, you will need the ADSI Edit utility. In Windows 2003 systems, this utility is a component of Windows Server Support Tools. If it has not been installed, download Windows Server Support Tools from the official website. On Windows 2008 systems and above, this component is installed together with the AD DS role.
To modify the Audit Archive retention setting, perform the following steps:
Was this information helpful?