Nik said:Hey
hi is there any tool in AD that I can use to do a directory clean up. I
remember with Novell NDS i used DSRepair.
CN={97472755-75AC-40A1-84E1-EED96D3D5D90}\0ADEL:1ef82bfa-19a0-4e1b-a8fd-ce7d65d62842,CN=DeletedobjectClass: top
objectClass: container
cn: Deleted Objects
description: Default container for deleted objects
distinguishedName: CN=Deleted Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040309041843.0Z
whenChanged: 20040625234526.0Z
uSNCreated: 16364
isDeleted: TRUE
uSNChanged: 16364
showInAdvancedViewOnly: TRUE
name: Deleted Objects
objectGUID: {42777F47-D988-4ACD-ABEF-E79B55A8660B}
systemFlags: -1946157056
objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=joe,DC=com
isCriticalSystemObject: TRUE
dn:CN=MicrosoftDNS\0ADEL:797d087c-80ab-47f7-bf83-b679ec12d50e,CN=Deleted
Objects,DC=joe,DC=com
objectClass: top
objectClass: container
cn: MicrosoftDNS DEL:797d087c-80ab-47f7-bf83-b679ec12d50e
CN=MicrosoftDNS\0ADEL:797d087c-80ab-47f7-bf83-b679ec12d50e,CN=Deleted
Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040309042606.0Z
whenChanged: 20040626011705.0Z
uSNCreated: 20574
isDeleted: TRUE
uSNChanged: 24920
name: MicrosoftDNS DEL:797d087c-80ab-47f7-bf83-b679ec12d50e
objectGUID: {797D087C-80AB-47F7-BF83-B679EC12D50E}
lastKnownParent: CN=System,DC=joe,DC=com
dSCorePropagationData: 20040626011705.0Z
dSCorePropagationData: 20040626011705.0Z
dSCorePropagationData: 16010101010816.0Z
dn:CN=Machine\0ADEL:843b1337-df87-410b-a8d0-e11f9cb52a2b,CN=Deleted
Objects,DC=joe,DC=com
objectClass: top
objectClass: container
cn: Machine DEL:843b1337-df87-410b-a8d0-e11f9cb52a2b
CN=Machine\0ADEL:843b1337-df87-410b-a8d0-e11f9cb52a2b,CN=Deleted
Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040502141536.0Z
whenChanged: 20040625234655.0Z
uSNCreated: 20585
isDeleted: TRUE
uSNChanged: 20586
name: Machine DEL:843b1337-df87-410b-a8d0-e11f9cb52a2b
objectGUID: {843B1337-DF87-410B-A8D0-E11F9CB52A2B}
lastKnownParent:
from to time u might delete items from the directory so i just wanted 2
ensure they are properly purged.
Joe Richards said:When an item is deleted it goes to the Deleted Objects container for that
partition. The objects reside there for the length of the tombstone period, the
default is 60 days allowing time for replication to get to all of the DCs in the
domain and GCs in the forest. Then at the time the next scavenge occurs after
the 60 days is up the object is removed from all DCs.
If you want to see the deleted objects while in this tombstone state you can
follow the MSKB intructions for doing so or download my free command line ldap
query tool called adfind (find it on free c++ win32 tools at www.joeware.net)
and use the -showdel option....
An example to show deleted objects in the default partition would be:
[Thu 07/01/2004 12:11:24.74]
G:\TEMP\delete>adfind -default -showdel -f isdeleted=TRUE
AdFind V01.17.00cpp Joe Richards ([email protected]) May 2004
Using server: 2k3dc01.joe.com
Base DN: DC=joe,DC=com
dn:CN=Deleted Objects,DC=joe,DC=comCN={97472755-75AC-40A1-84E1-EED96D3D5D90}\0ADEL:1ef82bfa-19a0-4e1b-a8fd-ce7dobjectClass: top
objectClass: container
cn: Deleted Objects
description: Default container for deleted objects
distinguishedName: CN=Deleted Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040309041843.0Z
whenChanged: 20040625234526.0Z
uSNCreated: 16364
isDeleted: TRUE
uSNChanged: 16364
showInAdvancedViewOnly: TRUE
name: Deleted Objects
objectGUID: {42777F47-D988-4ACD-ABEF-E79B55A8660B}
systemFlags: -1946157056
objectCategory: CN=Container,CN=Schema,CN=Configuration,DC=joe,DC=com
isCriticalSystemObject: TRUE
dn:CN=MicrosoftDNS\0ADEL:797d087c-80ab-47f7-bf83-b679ec12d50e,CN=Deleted
Objects,DC=joe,DC=com
objectClass: top
objectClass: container
cn: MicrosoftDNS DEL:797d087c-80ab-47f7-bf83-b679ec12d50e
CN=MicrosoftDNS\0ADEL:797d087c-80ab-47f7-bf83-b679ec12d50e,CN=Deleted
Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040309042606.0Z
whenChanged: 20040626011705.0Z
uSNCreated: 20574
isDeleted: TRUE
uSNChanged: 24920
name: MicrosoftDNS DEL:797d087c-80ab-47f7-bf83-b679ec12d50e
objectGUID: {797D087C-80AB-47F7-BF83-B679EC12D50E}
lastKnownParent: CN=System,DC=joe,DC=com
dSCorePropagationData: 20040626011705.0Z
dSCorePropagationData: 20040626011705.0Z
dSCorePropagationData: 16010101010816.0Z
dn:CN=Machine\0ADEL:843b1337-df87-410b-a8d0-e11f9cb52a2b,CN=Deleted
Objects,DC=joe,DC=com
objectClass: top
objectClass: container
cn: Machine DEL:843b1337-df87-410b-a8d0-e11f9cb52a2b
CN=Machine\0ADEL:843b1337-df87-410b-a8d0-e11f9cb52a2b,CN=Deleted
Objects,DC=joe,DC=com
instanceType: 4
whenCreated: 20040502141536.0Z
whenChanged: 20040625234655.0Z
uSNCreated: 20585
isDeleted: TRUE
uSNChanged: 20586
name: Machine DEL:843b1337-df87-410b-a8d0-e11f9cb52a2b
objectGUID: {843B1337-DF87-410B-A8D0-E11F9CB52A2B}
lastKnownParent:
65d62842,CN=Deleted
Objects,DC=joe,DC=com
<SNIP>
--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net
from to time u might delete items from the directory so i just wanted 2
ensure they are properly purged.
Nik wrote:
Hey
hi is there any tool in AD that I can use to do a directory clean up. I
remember with Novell NDS i used DSRepair.
I don't know what You want to do but most thing can be done with
ntdsutil.exe
http://www.microsoft.com/resources/...erver/reskit/en-us/distsys/part5/dsgappc.mspx
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.