3 files changed, 20 insertions, 10 deletions

diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml
index 08a23a22bd..c45b698a41 100644
--- a/docs/docbook/manpages/smb.conf.5.sgml
+++ b/docs/docbook/manpages/smb.conf.5.sgml
@@ -657,6 +657,7 @@
 		<listitem><para><link linkend="LARGEREADWRITE"><parameter>large readwrite</parameter></link></para></listitem>
 		
 		<listitem><para><link linkend="LDAPADMINDN"><parameter>ldap admin dn</parameter></link></para></listitem>
+		<listitem><para><link linkend="LDAPDELETEDN"><parameter>ldap delete dn</parameter></link></para></listitem>
 		<listitem><para><link linkend="LDAPDELONLYSAMATTR"><parameter>ldap del only sam attr</parameter></link></para></listitem>
 		<listitem><para><link linkend="LDAPFILTER"><parameter>ldap filter</parameter></link></para></listitem>
                 <listitem><para><link linkend="LDAPPORT"><parameter>ldap port</parameter></link></para></listitem>
@@ -3434,17 +3435,25 @@
 		</para>
 	
 		<varlistentry>
-		<term><anchor id="LDAPDELONLYSAMATTR"/>ldap del only sam attr (G)</term>
+		<term><anchor id="LDAPDELETEDN"/>ldap del only sam attr (G)</term>
 		<listitem><para> This parameter specifies whether a delete
-		operation in the ldapsam deletes only the Samba-specific
-		attributes or the complete LDAP entry.
+		operation in the ldapsam deletes the complete entry or only the attributes
+		specific to Samba.
 		</para>
 	
-		<para>Default : <emphasis>ldap del only sam attr = yes</emphasis></para>
+		<para>Default : <emphasis>ldap delete dn = no</emphasis></para>
 		</listitem>
 		</varlistentry>
 
 
+		<varlistentry>
+		<term><anchor id="LDAPDELONLYSAMATTR"/>ldap del only sam attr (G)</term>
+		<listitem><para> Inverted synonym for <link linked="LDAPDELETEDN"><parameter>
+		ldap delete dn</parameter></link>.</para>
+		</para>
+		</listitem>
+		</varlistentry>
+
 
 
 		<varlistentry>
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index cb03d26e61..e9ee19bc94 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -219,7 +219,7 @@ typedef struct
 	BOOL ldap_trust_ids;
 	char *szAclCompat;
 	int ldap_passwd_sync; 
-	BOOL ldap_del_only_sam;
+	BOOL ldap_delete_dn;
 	BOOL bMsAddPrinterWizard;
 	BOOL bDNSproxy;
 	BOOL bWINSsupport;
@@ -1026,7 +1026,8 @@ static struct parm_struct parm_table[] = {
 	{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"ldap passwd sync", P_ENUM, P_GLOBAL, &Globals.ldap_passwd_sync, NULL, enum_ldap_passwd_sync, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"ldap trust ids", P_BOOL, P_GLOBAL, &Globals.ldap_trust_ids, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
-	{"ldap del only sam attr", P_BOOL, P_GLOBAL, &Globals.ldap_del_only_sam, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+	{"ldap delete dn", P_BOOL, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+	{"ldap del only sam attr", P_BOOLREV, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 
 	{"Miscellaneous Options", P_SEP, P_SEPARATOR},
 	{"add share command", P_STRING, P_GLOBAL, &Globals.szAddShareCommand, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -1411,7 +1412,7 @@ static void init_globals(void)
 	string_set(&Globals.szLdapAdminDn, "");
 	Globals.ldap_ssl = LDAP_SSL_ON;
 	Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
-	Globals.ldap_del_only_sam = True;
+	Globals.ldap_delete_dn = False;
 
 /* these parameters are set to defaults that are more appropriate
    for the increasing samba install base:
@@ -1635,7 +1636,7 @@ FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
 FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
 FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
 FN_GLOBAL_BOOL(lp_ldap_trust_ids, &Globals.ldap_trust_ids)
-FN_GLOBAL_BOOL(lp_ldap_del_only_sam, &Globals.ldap_del_only_sam)
+FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
 FN_GLOBAL_STRING(lp_add_share_cmd, &Globals.szAddShareCommand)
 FN_GLOBAL_STRING(lp_change_share_cmd, &Globals.szChangeShareCommand)
 FN_GLOBAL_STRING(lp_delete_share_cmd, &Globals.szDeleteShareCommand)
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index f00abe7cab..6baff9029f 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -849,7 +849,7 @@ static void make_a_mod (LDAPMod *** modlist, int modop, const char *attribute, c
 
 /*******************************************************************
  Delete complete object or objectclass and attrs from
- object found in search_result depending on lp_ldap_del_only_sam
+ object found in search_result depending on lp_ldap_delete_dn
 ******************************************************************/
 static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
 				     LDAPMessage *result,
@@ -872,7 +872,7 @@ static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
 	entry = ldap_first_entry(ldap_state->ldap_struct, result);
 	dn    = ldap_get_dn(ldap_state->ldap_struct, entry);
 
-	if (!lp_ldap_del_only_sam()) {
+	if (lp_ldap_delete_dn()) {
 		NTSTATUS ret = NT_STATUS_OK;
 		rc = ldapsam_delete(ldap_state, dn);