Delete objects in synchronized directories

When you delete an object, such as a user, from a Windows Active Directory, the deleted object goes into a deleted object container for a period of time. When you use the Equitrac Scheduling feature to synchronize Active Directory accounts, the Scheduler looks at this container for deleted user accounts. If you have selected the Deletes ADS update option, Scheduler also flags any corresponding user accounts in Equitrac as deleted.

In order to access the contents of the deleted object container, you must use theEQModifyDeletedContainerSecurity command line tool to give Equitrac permission to view and manage the container’s contents. This utility assigns container access permissions to the user ID that starts the Scheduler service. See Directory Synchronization Access Permissions for more information on using this utility.

To run this utility, you must have Active Directory administrator privileges in addition to having Equitrac System Manager rights.