3.1.1.5.5.1.1 Tombstone Requirements

The following requirements apply to all tombstones except the Deleted Objects container (which is considered a tombstone and never an existing-object if the Recycle Bin optional feature is not enabled):

• The isDeleted attribute is set to TRUE on tombstones.

• The tombstone does not have descendant objects.

• The tombstone remains in the database and is available for outbound replication for at least the tombstone lifetime time interval (see section 6.1.1) after its transformation into a tombstone.

• A tombstone does not retain the attribute values of the original existing-object for any attributes except for the following:

  • The attribute that is the RDN, plus the objectGUID and objectSid attributes.

  • Attributes marked as being preserved on deletion (see section 2.2.9).

  • Attributes on the following list:

    • attributeID, attributeSyntax, dNReferenceUpdate, dNSHostName, flatName, governsID, groupType, instanceType, lDAPDisplayName, legacyExchangeDN, isDeleted, isRecycled, lastKnownParent, msDS-LastKnownRDN, mS-DS-CreatorSID, mSMQOwnerID, nCName, objectClass, distinguishedName, objectGUID, objectSid, oMSyntax, proxiedObjectName, name, nTSecurityDescriptor, replPropertyMetaData, sAMAccountName, securityIdentifier, sIDHistory, subClassOf, systemFlags, trustPartner, trustDirection, trustType, trustAttributes, userAccountControl, uSNChanged, uSNCreated, whenCreated, msDS-PortLDAP

• A tombstone does not retain the attribute values of the original object for the attributes objectCategory and sAMAccountType or for any linked attributes even if these attributes would otherwise be retained according to the preceding bullet point. In other words, when an object is deleted and transformed into a tombstone, objectCategory values, sAMAccountType values, and any linked attribute values on it are always removed.

• NC replicas do not contain objects with linked attribute values referencing tombstones. In other words, when an object is deleted and transformed into a tombstone, any linked attribute values on other objects referencing it are also removed.

• If any NC replicas contain other objects with nonlinked attribute values referencing a tombstone, then those attribute values on those objects are retained.  In other words, when an object is deleted and transformed into a tombstone, any nonlinked attribute values on other objects referencing it are not removed.

• Except as described in section 3.1.1.5.5.6, tombstones exist only in the Deleted Objects container of an NC.

• Except as described in section 3.1.1.5.5.6, tombstones have "delete-mangled RDNs".

• A protected object cannot be deleted and transformed into a tombstone (see Protected Objects (section 3.1.1.5.5.3)).

The following requirements apply to the Deleted Objects container when it is a tombstone:

• The isDeleted attribute is set to TRUE.

• The Deleted Objects container always remains in the database and is available for outbound replication.

• The Deleted Objects container does not have a "delete-mangled RDN".

Note especially that many of the restrictions specified in this section on other tombstones pertaining to attribute values do not apply to the Deleted Objects container.