Re: Deleted Objects

From: Venkatesan (anonymous_at_discussions.microsoft.com)
Date: 08/24/04 

Date: Tue, 24 Aug 2004 01:40:08 -0700

You are talking about the relationship between the objects.
Actually I am talking about the deleted objects and those
entries are marked as

" CN=GoldPolicyRule_7_1\ DEL:c8597066-9476-4493-ab13-
f7004bf82a63,CN=Deleted Objects,DC=mycompany,DC=local "

I want to remove this entry immediately when I delete this
GoldPolicyRule_7_1 object.

NOTE: The above value is related to one attribute of OU
object.

Thanks.
M Venkatesan

>-----Original Message-----
>Yep backlinks or you have to have something monitor your
objects and clean out
>references to deleted objects. Backlinks are the better
way though because they
>will also handle moved obejcts (which is what a deleted
object effectively is).
>
> joe
>
>--
>Joe Richards Microsoft MVP Windows Server Directory
Services
>www.joeware.net
>
>
>
>Joe Kaplan (MVP - ADSI) wrote:
>> The way it works is that DN syntax attributes with
matching backlink
>> attributes (e.g. member and memberOf) will have
automatically "clean up"
>> removed references. DN attributes that don't have a
backlink will have the
>> DN change the DN of the tombstone DN of the deleted
object.
>>
>> So, what you should probably do is change your schema
to include backlinks.
>> There is some reference to how to do this the AD
reference in MSDN. Note
>> that you can't set the linkID attribute after creation,
so you will probably
>> need to start over with new attributes to do this.
>>
>> HTH,
>>
>> Joe K.
>>
>> <anonymous@discussions.microsoft.com> wrote in message
>> news:b14e01c488c9$022500c0$a601280a@phx.gbl...
>>
>>>Yes. I have created some poliy rules and users. And
also I
>>>associated those rules to some users. When I deleted the
>>>rule , then I was expecting that the rule entry will not
>>>associated to this user. But it mared as deleted
objects.
>>>Is there any way to remove this entry from that user?
But
>>>this happens for OpenLDAP.( with EQUALITY rule) Thats
why
>>>I am searching these kind of stuff in AD.
>>>
>>>Thanks.
>>>M Venkatesan
>>>
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>What corresponding entries? Should I guess that you
have
>>>
>>>set up some custom DN
>>>
>>>>attributes on other objects that link to the user's DN
>>>
>>>and those aren't being
>>>
>>>>cleaned up?
>>>>
>>>>--
>>>>Joe Richards Microsoft MVP Windows Server Directory
>>>
>>>Services
>>>
>>>>www.joeware.net
>>>>
>>>>
>>>>
>>>>maya_v wrote:
>>>>
>>>>>In Active Directory, when we delete an object, the
>>>>>corresponding entries in the attribute of any other
>>>>>objects should be removed. But it is not removed in
AD.
>>>>>Instead it is marked as deleted entry. This affects
our
>>>>>operation.
>>>>>While debugging AD, we found a property named
tombstone
>>>>>lifetime. We configured it as "0". Even after this
>>>>>configuration, AD doesn't removes the deleted
attribute
>>>>>entries.
>>>>>
>>>>
>>>>.
>>>>
>>
>>
>>
>.
>