3.1.1.5.5.6.3 Transformation into a Recycled-Object
When the delete operation results in the transformation of an object into a recycled-object, the following processing rules apply to the delete operation:
For originating updates:
Additional operations might be performed if the object being modified is a SAM-specific object (section 3.1.1.5.2.3); see [MS-SAMR] section 3.1.1.8).
All attribute values are removed from the object, with the following exceptions:
nTSecurityDescriptor, attributeID, attributeSyntax, dNReferenceUpdate, dNSHostName, flatName, governsID, groupType, instanceType, lDAPDisplayName, lastKnownParent, ms-DS-lastKnownRDN, legacyExchangeDN, mS-DS-CreatorSID, mSMQOwnerID, nCName, objectClass, distinguishedName, objectGUID, objectSid, oMSyntax, proxiedObjectName, name, replPropertyMetaData, sAMAccountName, securityIdentifier, sIDHistory, subClassOf, systemFlags, trustPartner, trustDirection, trustType, trustAttributes, userAccountControl, uSNChanged, uSNCreated, whenCreated attribute values are retained.
In AD LDS, the msDS-PortLDAP attribute is also retained.
The attribute that equals the rdnType of the object (for example, cn for a user object) is retained.
Any attribute that has the fPRESERVEONDELETE flag set in its searchFlags is retained, except objectCategory and sAMAccountType, which are always removed, regardless of the value of their searchFlags.
All outgoing linked attribute values are removed, but not as an originating update. These values are simply removed.
All incoming linked attribute values are removed, but not as an originating update. These values are simply removed.
The isDeleted attribute is set to true.
The isRecycled attribute is set to true.
The object is moved into the Deleted Objects container in its NC, except in the following scenarios, when it MUST remain in its current place:
The object is an NC root.
The object's systemFlags value has the FLAG_DISALLOW_MOVE_ON_DELETE bit set.