Register now or log in to join your professional community.
Tombstone is a container object that contains the deleted objects from Active Directory. Actually when an object is deleted from Active Directory, it is not physically removed from the Active Directory for some days. Rather, the Active Directory sets the ‘isDeleted' attribute of the deleted object to TRUE and move it to a special container called Tombstone, previously known as CN=Deleted Objects
Tombstone is a deleted object of an active directory which resides in the database.
A tombstone is an object deleted from the directory, but not yet removed from the database. They are removed (physically deleted) by the garbage collection process once they are older than the tombstone lifetime.The tombstones cannot be accessed through Windows Directories or through Microsoft Management Console (MMC) snap-ins. However, tombstones are available to Directory Replication Process, so that the tombstones are replicated to all the domain controllers in the domain.
Tombstone is an object that has its attribute set to TRUE when it is deleted in the Active directory, It is located in the ADSI Edit.
When an object is deleted in Active directory, it does not remove the object from the database. It just set the "isDeleted" attribute to true. It is invisible to other processes but visible to AD replication process to make sure that the object is deleted from all DC's.
tombsone is an active directory object which has been deleted yet recoverable from database . It can be found in the Security properties of the corresponding OU from where the object was deleted