3.4.4.2.3.2.1 ActiveDirectoryPartition/DeletedObjectsContainer

The DeletedObjectsContainer element contains the distinguished name of the container object that contains deleted objects (see [MS-ADTS] section 6.1.1.4.2) of the domain.

 <xs:element name="DeletedObjectsContainer" nillable="true" type="xs:string" />

The DeletedObjectsContainer element is populated from the DN portion ([MS-ADTS] section 6.1.1.4) of one of the values of the multivalued attribute domainDNS!wellKnownObjects on the domain NC root object which meets the following criteria:

  • The Binary portion of the value is equal to GUID_DELETED_OBJECTS_CONTAINER_W. See [MS-ADTS] section 6.1.1.4.

If multiple values satisfy the above requirements, then only one of the values MUST be chosen, but any of the values MAY be chosen<41> to populate the element. If no values satisfy the above requirements, the server returns a null ActiveDirectoryPartition/DeletedObjectsContainer element. If the domainDNS!wellKnownObjects attribute is not present or cannot be read due to the client lacking access rights to read the attribute, the server returns the SOAP fault described in section 3.4.4.2.8.1