Retrieving Deleted Objects Through ADSI

Just as important as retrieving incremental changes from the Microsoft Exchange Server directory is the ability to retrieve deleted objects. To do this, bind using clear text authentication with ",cn=admin" appended to the user's DN (for example, dc=domain,cn=jsmith,cn=admin). For information about clear text authentication, see the online Help for the Administrator program.

After a client is authenticated by the Microsoft Exchange Server directory with ",cn=admin" in the user's DN, it can query for an operational attribute called "is-deleted." This is a Boolean attribute that indicates whether the object has been deleted.

A deleted object is referred to as a tombstone. Tombstones exist for a period of time indicated by the "Tombstone lifetime" parameter on the DS Site Configuration tab in the Administrator program. By default, the "Tombstone lifetime" is set to 30 days. If your application must remove deletions from the Microsoft Exchange Server directory, make sure that it runs within the Tombstone lifetime period.
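The following added example (not part of the original documentation) shows why the sync interval matters. It applies retrieved entries to a local replica and falls back to a full reconciliation when the last run is older than the Tombstone lifetime. It assumes the entries were already fetched over the ",cn=admin" bind and are represented as dictionaries with a "dn" key; the function names and sample data are hypothetical.

```python
from datetime import datetime, timedelta

# Default from the page; the real value is on the DS Site Configuration tab.
TOMBSTONE_LIFETIME = timedelta(days=30)

def is_tombstone(entry):
    """True when is-deleted is set (assumed to arrive as a bool or the string 'TRUE')."""
    value = entry.get("is-deleted", False)
    return value is True or str(value).upper() == "TRUE"

def sync_mode(last_sync, now, lifetime=TOMBSTONE_LIFETIME):
    """'incremental' only if every tombstone created since last_sync must still exist."""
    return "incremental" if now - last_sync < lifetime else "full"

def apply_sync(replica, entries, last_sync, now, lifetime=TOMBSTONE_LIFETIME):
    """Update replica (dn -> attrs) in place; return (mode, sorted removed DNs).

    incremental: entries are the objects changed since last_sync, tombstones included.
    full: entries are a complete listing; anything in the replica that is not
    listed as live is removed, because its tombstone may already be purged.
    """
    mode = sync_mode(last_sync, now, lifetime)
    live = {e["dn"]: e for e in entries if not is_tombstone(e)}
    if mode == "incremental":
        doomed = replica.keys() & {e["dn"] for e in entries if is_tombstone(e)}
    else:
        doomed = replica.keys() - live.keys()
    for dn in doomed:
        del replica[dn]
    for dn, e in live.items():
        replica[dn] = {k: v for k, v in e.items() if k not in ("dn", "is-deleted")}
    return mode, sorted(doomed)

# Constructed sample data, not taken from a real directory.
NOW = datetime(2000, 3, 1)
CHANGED = [
    {"dn": "cn=jsmith", "mail": "jsmith@example.com"},
    {"dn": "cn=olduser", "is-deleted": "TRUE"},
]

if __name__ == "__main__":
    replica = {"cn=jsmith": {}, "cn=olduser": {}, "cn=ghost": {}}
    print(apply_sync(replica, CHANGED, NOW - timedelta(days=7), NOW))
    # After a 45-day gap the tombstones may be gone, so only live objects are listed.
    print(apply_sync(replica, CHANGED[:1], NOW - timedelta(days=45), NOW))
```

In the second call, "cn=ghost" is removed even though no tombstone for it was ever seen, which is the case an incremental-only application would miss.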