13

Sorry -- I'm not really a Windows System Admin, just trying to slam through some LDAP interactions in Java.

I'm finding a ton of objects with "DEL:" in the distinguishedName. Are these orphaned items that are awaiting garbage collection? How do I remove them? I can't really find them through ADUC, but I can find them via Java LDAP.

Richie Foreman
  • 233
  • 1
  • 4

1 Answers1

14

These are deleted objects. The process happens when an object is deleted so that other domain controllers can be made aware of the deletion. This is documented in great detail on TechNet.

Don't delete these, write your program to not return them as results. Excluding CN=Deleted Objects, DC=Domain, DC=tld from your queries should be enough, as this is where they're all put.

MDMarra
  • 100,734
  • 32
  • 197
  • 329
  • 2
    I wish I had enough Karma here to upvote you or accept this as an answer -- Thanks for the super speedy response! :) – Richie Foreman Feb 11 '13 at 03:33
  • @RichieForeman You can accept an answer regardless of your rep. See [How does accepting an answer work?](http://meta.stackexchange.com/questions/5234/how-does-accepting-an-answer-work) -- you need to wait at least 15 minutes before you can accept. – jscott Feb 11 '13 at 03:34