Active Directory Security Tip #7: The Tombstone Lifetime

News
Yanac

The Tombstone lifetime (TSL) in Active Directory is the limit as to how long a deleted object can remain in AD. The original value was 60 (days). Windows versions since Windows 2003 SP2 have this set to 180 (days). Note that this also affects backups, how long a backup is valid and replication – if … Continue readingActive Directory & Azure AD/Entra ID SecurityRead More