Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [tombstones]

8 questions
9
votes
4 answers

How to clean up orphaned SID's in ACEs in AD?

As a follow up to my question Do backlinks clear in AD for deleted users I have another related but different question. Since I am informed in the answers there that a deleted object's SID (Group or User, so assigning rights to group only minimizes…
geoffc
  • 2,135
  • 5
  • 25
  • 37
1
vote
0 answers

How do I determine a “known-good” DC in preparation for detecting lingering objects?

Update I tried using the `Lingering Object Liquidator' tool, but am left with the same primary question (and changed the question). See comments for details I'm seeing Event Id 2042 in my Directory Services event log. The pertinent failure is as…
VA systems engineer
  • 111
  • 3
1
vote
1 answer

AD DS default tombstone interval in different versions of Windows Server?

I was not able to find some technet article which lists value of this setting for different versions of Windows Server. There are some information in various blogs but it looks controversial at times... Any link to full & exact list?
Mikhail
  • 1,287
  • 3
  • 18
  • 35
1
vote
1 answer

Scripting WINS Tombstone Removal

I'm creating a script to remove the tombstoned entries in WINS (required for exchange w/ multi domains). What I'd like to know is if removing those old entries will break anything? Or if there's anything I should look out for?
Colyn1337
  • 2,387
  • 2
  • 22
  • 38
1
vote
2 answers

Is it possible to find deleted objects in active directory without the assistance of a DLP software?

It seems like a large number of security groups have been deleted from the organization's AD. I was able to find the tombstones but I see there 1400 objects from the last 180 days and I know for certain that the important groups which have been…
Itai Ganot
  • 10,424
  • 27
  • 88
  • 143
1
vote
1 answer

How do backlinks clear in Active Directory? (Within domain, and between domains)

Lets say you have a user in AD. They get all sorts of rights granted over time. They also get access in a remote domain that trusts your domain, to resources. Then they leave the company and you delete their object. The deleted object becomes a…
geoffc
  • 2,135
  • 5
  • 25
  • 37
0
votes
1 answer

Can't remove tombstones cells in Cassandra

we are using a cassandra single node cluster for experimenting and one problem we are hitting now is tombstones cells. Each row contain 2 tombstone cells and we are stuck in trying to remove them. They are causing abortion of our queries as…
BangTheBank
  • 121
  • 3
0
votes
1 answer

Safe to start CA-server past its tombstone?

I have a CA-server that has been offline for 185 days, so past the tombstone period of 180 days. Is it safe to start it up, or is there a high chance I will mess up my domain? The only roles installed are Active Directory Certificate Services and…
Ompakim
  • 3
  • 1