JSI Tip 9279. How can I enable non-administrators to view the Active Directory deleted objects container in Windows Server 2003 and in Windows 2000 Server?

Jerold Schulman

April 19, 2005

1 Min Read
ITPro Today logo in a gray background | ITPro Today

Microsoft Knowledge Base Article 892806 contains the following summary:

When an Active Directory object is deleted, a small part of the object remains for a specified period in the deleted objects container so that other domain controllers that are replicating changes will become aware of the deletion. By default, the System account and members of the Administrators group only can view the contents of this container. This article describes how to modify the permissions on the deleted objects container.

You may have to modify the permissions on the deleted objects container if the following conditions are true:

• You have enterprise applications or services that bind to Active Directory with a non-System account or a non-Administrator account.

• These enterprise applications or services poll for directory changes.



Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like