This is quite a hot question that I get a lot when delivering trainings or helping customers. While most of them know the value, what actually is they do not know.
The Tombstone Lifetime is an attribute of the Directory Services object which can be found with ADSI Edit here: CN=Directory Service,CN=Windows NT,CN=Services,CN=Configuration,DC=WindowsRockstar,DC=com.
The attribute by default can have 2 values, depending on the OS version that was used when the forest was initially deployed.
It can have no value – this translates to the fact that the forest was started in Windows Server 2000, Windows Server 2003 or Windows Server 2008. This means the Tombstone Lifetime is 60 days.
Starting with Windows Server 2008 R2 the value of the Tombstone Lifetime attribute is 180 days.
The minimum value that we can set the Tombstone Lifetime to is 2 days. If we set it to less it will default to 60 days ( Windows Server 2000, Windows Server 2003 or Windows Server 2008) or 2 days starting with Windows Server 2008 R2 and later.
Below you have an image with the default value in Windows Server 2022
Finding out the tombstone lifetime is easy and I wrote about it here.
The tombstone lifetime will influence how long we can use the Active Directory backup and how long an object will remain in recycled or deleted state. About this in a future article.