> ******** WARNING - I'd like to point out to you that misuse > of this feature can entirely (and nigh on irrecoverably) destroy a forest ********
Details please? Thanks, Robbie Allen http://www.rallenhome.com/ > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells > Sent: Wednesday, August 11, 2004 11:22 AM > To: Send - AD mailing list > Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. > > OK, if you had only Windows 2000 or even a hybrid this would not be > particularly feasible nor advisable but since you don’t, it's > going to be > just peachy assuming you're at forest functional level 2 (Server 2003 > Native) ... if you're not, it's still doable, just a lot more > awkward and > less than supported. > > ******** WARNING - I'd like to point out to you that misuse > of this feature > can entirely (and nigh on irrecoverably) destroy a forest ******** > > Windows 2003's Active Directory supports two applicable LDAP features; > dynamic objects and dynamic auxiliary classes. > > 1. Dynamic aux. classes allow you to bolt an auxiliary class > to new object > instances without having first made any schema alterations > (i.e. - no schema > modification of any kind occurred). The attributes assigned to the > auxiliary class then become available to the object > instance(s) to which the > aux. class was assigned. > > 2. Dynamic objects provides a mean by which a TTL (using a > unit of seconds) > can be written to an object after which time it self expires > ~simultaneously > on all DCs without the need for a tombstone. > > By using dyn. aux. classes we can dynamically bolt the > dynamicObject class > to new object instances which serves to provide us the > attributes we need; > most prominently entryTTL. When the entry TTL is populated, > the directory > service calculates an effective "time of death" and writes that to > msDS-Entry-Time-To-Die (both attributes are actually > constructed depending > on how they're used). > > I've not attempted this with CSVDE but have done so numerous > times via code > and through LDIFDE so I'll leave it you to attempt the > LDIF(DE) to CSV(DE) > conversion. Here's an example LDIF file that creates a > "contact" beneath > the domain root using the default-minimum TTL of 15 minutes > (this default > can be reduced if it's too high) - > > [Begin LDIF file named "foo.ldif"] > dn: cn=suicidal,dc=X > changetype: add > objectClass: contact > objectClass: dynamicObject > entryTTL: 901 > [/LDIF file] > > ... here's the command line syntax to inject its content - > > ldifde -i -f foo.ldif -c DC=X <your distinguished name here> > > ... for example - > > ldifde -i -f foo.ldif -c DC=X dc=mset,dc=local > > Hope that proves useful. > > Dean > > -- > Dean Wells > MSEtechnology > * Email: [EMAIL PROTECTED] > http://msetechnology.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > BATARD olivier > Sent: Wednesday, August 11, 2004 8:39 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. > > I have a Windows 2003 domain exclusively. > > Olivier BATARD, Technicien système - Poste 1655 Gestion Interne SIGMA > Informatique http://www.sigma.fr > 3 rue Newton, BP 4127, 44241 La Chapelle sur Erdre Cedex > > > > -----Message d'origine----- > De : Dean Wells [mailto:[EMAIL PROTECTED] Envoyé : > mercredi 11 août > 2004 14:41 À : Send - AD mailing list Objet : RE: [ActiveDir] > Delete ad > object without Tombstone lifetime. > > > Do you have Windows 2000, 2003 or a combination? > > -- > Dean Wells > MSEtechnology > * Email: [EMAIL PROTECTED] > http://msetechnology.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > BATARD olivier > Sent: Wednesday, August 11, 2004 5:43 AM > To: '[EMAIL PROTECTED]' > Subject: [ActiveDir] Delete ad object without Tombstone lifetime. > > > Hello, > > I'm testing a csvde file and I want to delete object directly,without > Tombstonelifetime. How can I do that ? > > > Thanks, > > Olivier BATARD, Technicien système - Poste 1655 Gestion Interne SIGMA > Informatique http://www.sigma.fr > 3 rue Newton, BP 4127, 44241 La Chapelle sur Erdre Cedex > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
