3 files changed, 21 insertions, 10 deletions

diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml
index 7aaa189578..0f5e751a64 100644
--- a/docs/docbook/manpages/smb.conf.5.sgml
+++ b/docs/docbook/manpages/smb.conf.5.sgml
@@ -656,6 +656,7 @@ alias|alias|alias|alias...
 		<listitem><para><link linkend="LARGEREADWRITE"><parameter>large readwrite</parameter></link></para></listitem>
 		
 		<listitem><para><link linkend="LDAPADMINDN"><parameter>ldap admin dn</parameter></link></para></listitem>
+		<listitem><para><link linkend="LDAPDELETEDN"><parameter>ldap delete dn</parameter></link></para></listitem>
 		<listitem><para><link linkend="LDAPDELONLYSAMATTR"><parameter>ldap del only sam attr</parameter></link></para></listitem>
 		<listitem><para><link linkend="LDAPFILTER"><parameter>ldap filter</parameter></link></para></listitem>
                 <listitem><para><link linkend="LDAPPORT"><parameter>ldap port</parameter></link></para></listitem>
@@ -3437,13 +3438,22 @@ df $1 | tail -1 | awk '{print $2" "$4}'
 		</para>
 	
 		<varlistentry>
-		<term><anchor id="LDAPDELONLYSAMATTR"/>ldap del only sam attr (G)</term>
+		<term><anchor id="LDAPDELETEDN"/>ldap del only sam attr (G)</term>
 		<listitem><para> This parameter specifies whether a delete
-		operation in the ldapsam deletes only the Samba-specific
-		attributes or the complete LDAP entry.
+		operation in the ldapsam deletes the complete entry or only the attributes
+		specific to Samba.
 		</para>
 	
-		<para>Default : <emphasis>ldap del only sam attr = yes</emphasis></para>
+		<para>Default : <emphasis>ldap delete dn = no</emphasis></para>
+		</listitem>
+		</varlistentry>
+
+
+		<varlistentry>
+		<term><anchor id="LDAPDELONLYSAMATTR"/>ldap del only sam attr (G)</term>
+		<listitem><para> Inverted synonym for <link linked="LDAPDELETEDN"><parameter>
+		ldap delete dn</parameter></link>.</para>
+		</para>
 		</listitem>
 		</varlistentry>
 
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 0aa5f08be7..d17db16381 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -230,7 +230,7 @@ typedef struct
 	BOOL ldap_trust_ids;
 	char *szAclCompat;
 	int ldap_passwd_sync; 
-	BOOL ldap_del_only_sam;
+	BOOL ldap_delete_dn;
 	BOOL bMsAddPrinterWizard;
 	BOOL bDNSproxy;
 	BOOL bWINSsupport;
@@ -1043,7 +1043,8 @@ static struct parm_struct parm_table[] = {
 	{"ldap ssl", P_ENUM, P_GLOBAL, &Globals.ldap_ssl, NULL, enum_ldap_ssl, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"ldap passwd sync", P_ENUM, P_GLOBAL, &Globals.ldap_passwd_sync, NULL, enum_ldap_passwd_sync, FLAG_ADVANCED | FLAG_DEVELOPER},
 	{"ldap trust ids", P_BOOL, P_GLOBAL, &Globals.ldap_trust_ids, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
-	{"ldap del only sam attr", P_BOOL, P_GLOBAL, &Globals.ldap_del_only_sam, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+	{"ldap delete dn", P_BOOL, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
+	{"ldap del only sam attr", P_BOOLREV, P_GLOBAL, &Globals.ldap_delete_dn, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
 
 	{"Miscellaneous Options", P_SEP, P_SEPARATOR},
 	{"add share command", P_STRING, P_GLOBAL, &Globals.szAddShareCommand, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER},
@@ -1428,7 +1429,7 @@ static void init_globals(void)
 	string_set(&Globals.szLdapAdminDn, "");
 	Globals.ldap_ssl = LDAP_SSL_ON;
 	Globals.ldap_passwd_sync = LDAP_PASSWD_SYNC_OFF;
-	Globals.ldap_del_only_sam = True;
+	Globals.ldap_delete_dn = False;
 
 /* these parameters are set to defaults that are more appropriate
    for the increasing samba install base:
@@ -1660,7 +1661,7 @@ FN_GLOBAL_STRING(lp_ldap_admin_dn, &Globals.szLdapAdminDn)
 FN_GLOBAL_INTEGER(lp_ldap_ssl, &Globals.ldap_ssl)
 FN_GLOBAL_INTEGER(lp_ldap_passwd_sync, &Globals.ldap_passwd_sync)
 FN_GLOBAL_BOOL(lp_ldap_trust_ids, &Globals.ldap_trust_ids)
-FN_GLOBAL_BOOL(lp_ldap_del_only_sam, &Globals.ldap_del_only_sam)
+FN_GLOBAL_BOOL(lp_ldap_delete_dn, &Globals.ldap_delete_dn)
 FN_GLOBAL_STRING(lp_add_share_cmd, &Globals.szAddShareCommand)
 FN_GLOBAL_STRING(lp_change_share_cmd, &Globals.szChangeShareCommand)
 FN_GLOBAL_STRING(lp_delete_share_cmd, &Globals.szDeleteShareCommand)
diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index f137d27cff..f4d04561c1 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -848,7 +848,7 @@ static void make_a_mod (LDAPMod *** modlist, int modop, const char *attribute, c
 
 /*******************************************************************
  Delete complete object or objectclass and attrs from
- object found in search_result depending on lp_ldap_del_only_sam
+ object found in search_result depending on lp_ldap_delete_dn
 ******************************************************************/
 static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
 				     LDAPMessage *result,
@@ -871,7 +871,7 @@ static NTSTATUS ldapsam_delete_entry(struct ldapsam_privates *ldap_state,
 	entry = ldap_first_entry(ldap_state->ldap_struct, result);
 	dn    = ldap_get_dn(ldap_state->ldap_struct, entry);
 
-	if (!lp_ldap_del_only_sam()) {
+	if (lp_ldap_delete_dn()) {
 		NTSTATUS ret = NT_STATUS_OK;
 		rc = ldapsam_delete(ldap_state, dn);