Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Tombstone lifetime 2

Status
Not open for further replies.
pinkpanther56

pinkpanther56

Technical User
Jun 15, 2005
807
GB
Can someone tell me how to find the Tombstone lifetime for my domain. I have updated our server 2003 domain to 2008 and would like to find out how what the Tombstone now is.

I will be using a couple of virtual domain controllers (I also have a physical box still) I aim to take a copy of the VM's every couple of months in case they need to be restored but I need to make sure that I don't exceed the tombstone lifetime.

Thanks for any input.
 
Sort by date Sort by votes
- Changing the Tombstone Lifetime Attribute in Active Directory


You can check your tombstone lifetime attribute by using the following command:
Code: 
dsquery * " cn=Directory Service,cn=Windows NT,cn=Services,cn=Configuration,dc=" -scope base -attr tombstonelifetime
Click to expand...


Joey
CCNA, MCSA 2003, MCP, A+, Network+, Wireless#
 
Upvote 0 Downvote
I will be using a couple of virtual domain controllers (I also have a physical box still) I aim to take a copy of the VM's every couple of months in case they need to be restored
Click to expand...

Don't restore a DC from a snapshot/copy, you'll end up with USN rollbacks, which are not fun to deal with.

Back the domain controllers up with your preferred backup software or use Windows Backup.

Paul
MCTS: Exchange 2007, Configuration
MCSA:2003
MCSE:2003
MCITP:Enterprise Administrator

RFC 2795 - The Infinite Monkey Protocol Suite (IMPS)
 
Upvote 0 Downvote
@ pagy - Ok so to restore a DC I would need to restore the VM offline then restore a recent system state then bring it back up?


@ IllogicallyLogical - i've checked and it says <Not Set> so as the forest was created on server 2003 SP0 it should be 60 days, can I just edit this value if I wish to extend the lifetime?

Thanks.
 
Upvote 0 Downvote
Yes, the <not set> value would indicate that the tombstone attribute is set to default. Since the forest was created on a Windows Server 2003 machine with no service pack, the default would be 60 days. If you wish to extend the lifetime, just follow the documentation in the link I provided earlier. In accordance with pagy's post about proper backup and restore methods of Active Directory and running Active Directory in a virtualized environment, I am linking some informational documents that will be of help.

- Determine the tombstone lifetime for the forest


- Considerations when hosting Active Directory domain controller in virtual hosting environments


- How to detect and recover from a USN rollback in Windows Server 2003


- Administering Active Directory Backup and Restore


Joey
CCNA, MCSA 2003, MCP, A+, Network+, Wireless#
 
Upvote 0 Downvote
Reading those articles it seems that i'm fine to restore a backed up VM DC as long as it is still within the tombstone lifetime. Correct?
 
Upvote 0 Downvote
Correct that, I can restore the VM offline then restore a recent system state then bring it back up.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

amanua
  • Locked
  • Question
tombstone lifetime exceeded
Replies
2
Views
39
dberg35
dberg35
bran2235
  • Locked
  • Question
Tombstone Issue- Correct procedure to dcpromo?
Replies
3
Views
53
markdmac
markdmac
kabutomz
  • Locked
  • Question
Tombstone lifetime. HELP!!!!!
Replies
6
Views
32
mlichstein
mlichstein
TekkieDave
  • Locked
  • Question
Time error caused &quot;Exceeded tombstone lifetime&quot; 2
Replies
7
Views
51
bofhrevenge2
bofhrevenge2
bofhrevenge2
  • Locked
  • Question
Source has exceeded tombstone?
Replies
2
Views
47
bofhrevenge2
bofhrevenge2

Part and Inventory Search

Sponsor

Back
Top