summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-12-12 18:55:54 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:05:49 -0500
commit3f6d9a7b9d35331992fdd069b7752f3082fe0b1b (patch)
treef4ae776fdab98f7888f6cf097025ace3e6a323b8
parentfa4df827d0b7e6e280a1736fb45772ed27131e64 (diff)
downloadsamba-3f6d9a7b9d35331992fdd069b7752f3082fe0b1b.tar.gz
samba-3f6d9a7b9d35331992fdd069b7752f3082fe0b1b.tar.bz2
samba-3f6d9a7b9d35331992fdd069b7752f3082fe0b1b.zip
r12196: patch from Krishna Ganugapati <krishnag@centeris.com>
Use the subtree delete ldap control when running 'net ads leave' to ensure that the machine account is actually deleted. (This used to be commit e96000c16cd182b2e2cbdc1a287002306d2965e6)
-rw-r--r--source3/libads/ldap.c18
1 files changed, 17 insertions, 1 deletions
diff --git a/source3/libads/ldap.c b/source3/libads/ldap.c
index fa2a8b5ea5..8c8401dff9 100644
--- a/source3/libads/ldap.c
+++ b/source3/libads/ldap.c
@@ -37,6 +37,9 @@
* codepoints in UTF-8). This may have to change at some point
**/
+
+#define LDAP_SERVER_TREE_DELETE_OID "1.2.840.113556.1.4.805"
+
static SIG_ATOMIC_T gotalarm;
/***************************************************************
@@ -1796,6 +1799,11 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
void *res, *msg;
char *hostnameDN, *host;
int rc;
+ LDAPControl ldap_control;
+ LDAPControl * pldap_control[] = {&ldap_control, 0};
+
+ memset(&ldap_control, 0, sizeof(LDAPControl));
+ ldap_control.ldctl_oid = (char *)LDAP_SERVER_TREE_DELETE_OID;
/* hostname must be lowercase */
host = SMB_STRDUP(hostname);
@@ -1813,7 +1821,15 @@ ADS_STATUS ads_leave_realm(ADS_STRUCT *ads, const char *hostname)
}
hostnameDN = ads_get_dn(ads, (LDAPMessage *)msg);
- rc = ldap_delete_s(ads->ld, hostnameDN);
+
+
+ rc = ldap_delete_ext_s(ads->ld, hostnameDN, pldap_control, NULL);
+ if (rc) {
+ DEBUG(3,("ldap_delete_ext_s failed with error code %d\n", rc));
+ }else {
+ DEBUG(3,("ldap_delete_ext_s succeeded with error code %d\n", rc));
+ }
+
ads_memfree(ads, hostnameDN);
if (rc != LDAP_SUCCESS) {
return ADS_ERROR(rc);