When to Restore
When an object is deleted in Windows 2008R2, the DC from which the object was deleted
informs the other DCs in the environment about the deletion by replicating what is known as a
tombstone(if the recycle bin isn’t enabled) or Deleted (with recycle bin).
A tombstone or deleted object is a representation of an object that has been deleted from the
directory. The tombstone object is removed by the garbage collection processes, based on the
tombstone lifetime setting, which by default is set to 180 days by default in Windows 2008R2.
A Deleted object will be recycled after the “Recycle object lifetime”, which is by default equal to
the tombstone lifetime, or 180 days in Windows 2008R2.
A backup older than the tombstone lifetime set in Active Directory is not considered to be a
good backup.
Active Directory protects itself from restoring data older than the tombstone lifetime. For
example, let’s assume that we have a user object that is backed up. If after the backup the
object is deleted, a replication operation is performed to the other DCs and the object is
replicated in the form of a tombstone. After 180 days, all the DCs remove the tombstone as part
of the garbage collection process. This is a process routinely performed by DCs to clean up their
copy of the database.
If you attempt to restore the deleted object after 180 days, the object cannot be replicated to
the other DCs in the domain because it has a USN that is older than the level required to trigger
replication. And the other DCs cannot inform the restored DC that the object was deleted, so the
result is an inconsistent directory.
No comments:
Post a Comment