No apologies man. I'm still trying to learn this stuff... :) I'll earmark your post for whenever I read your suggestions.
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Friday, August 13, 2004 9:35 AM To: Send - AD mailing list Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. Hmmm ... sorry about that. I would suggest giving the MS definitions of "dynamic object" and "dynamic auxiliary class" a read ... they're really pretty good. Dean -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Thursday, August 12, 2004 11:45 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. hahaha crud. I didn't understand one bit of that! -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of joe Sent: Wednesday, August 11, 2004 10:36 AM To: [EMAIL PROTECTED]; 'Send - AD mailing list' Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. Ah. Oh yeah. Very good very good. Dean. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dean Wells Sent: Wednesday, August 11, 2004 10:32 AM To: Send - AD mailing list Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. OK, if you had only Windows 2000 or even a hybrid this would not be particularly feasible nor advisable but since you don't, it's going to be just peachy assuming you're at forest functional level 2 (Server 2003 Native) ... if you're not, it's still doable, just a lot more awkward and less than supported. ******** WARNING - I'd like to point out to you that misuse of this feature can entirely (and nigh on irrecoverably) destroy a forest ******** Windows 2003's Active Directory supports two applicable LDAP features; dynamic objects and dynamic auxiliary classes. 1. Dynamic aux. classes allow you to bolt an auxiliary class to new object instances without having first made any schema alterations (i.e. - no schema modification of any kind occurred). The attributes assigned to the auxiliary class then become available to the object instance(s) to which the aux. class was assigned. 2. Dynamic objects provides a mean by which a TTL (using a unit of seconds) can be written to an object after which time it self expires ~simultaneously on all DCs without the need for a tombstone. By using dyn. aux. classes we can dynamically bolt the dynamicObject class to new object instances which serves to provide us the attributes we need; most prominently entryTTL. When the entry TTL is populated, the directory service calculates an effective "time of death" and writes that to msDS-Entry-Time-To-Die (both attributes are actually constructed depending on how they're used). I've not attempted this with CSVDE but have done so numerous times via code and through LDIFDE so I'll leave it you to attempt the LDIF(DE) to CSV(DE) conversion. Here's an example LDIF file that creates a "contact" beneath the domain root using the default-minimum TTL of 15 minutes (this default can be reduced if it's too high) - [Begin LDIF file named "foo.ldif"] dn: cn=suicidal,dc=X changetype: add objectClass: contact objectClass: dynamicObject entryTTL: 901 [/LDIF file] ... here's the command line syntax to inject its content - ldifde -i -f foo.ldif -c DC=X <your distinguished name here> ... for example - ldifde -i -f foo.ldif -c DC=X dc=mset,dc=local Hope that proves useful. Dean -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of BATARD olivier Sent: Wednesday, August 11, 2004 8:39 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] Delete ad object without Tombstone lifetime. I have a Windows 2003 domain exclusively. Olivier BATARD, Technicien système - Poste 1655 Gestion Interne SIGMA Informatique http://www.sigma.fr 3 rue Newton, BP 4127, 44241 La Chapelle sur Erdre Cedex -----Message d'origine----- De : Dean Wells [mailto:[EMAIL PROTECTED] Envoyé : mercredi 11 août 2004 14:41 À : Send - AD mailing list Objet : RE: [ActiveDir] Delete ad object without Tombstone lifetime. Do you have Windows 2000, 2003 or a combination? -- Dean Wells MSEtechnology * Email: [EMAIL PROTECTED] http://msetechnology.com -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of BATARD olivier Sent: Wednesday, August 11, 2004 5:43 AM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] Delete ad object without Tombstone lifetime. Hello, I'm testing a csvde file and I want to delete object directly,without Tombstonelifetime. How can I do that ? Thanks, Olivier BATARD, Technicien système - Poste 1655 Gestion Interne SIGMA Informatique http://www.sigma.fr 3 rue Newton, BP 4127, 44241 La Chapelle sur Erdre Cedex List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
