deleting users from ldap

rpv_muma rpv at
Mon Nov 1 14:36:33 GMT 2004

After changing places of deleting unix and samba side LDAP records as
I wrote up we have following errors:


         /* and delete the samba side */
         if (!pdb_delete_sam_account(sam_pass)) {
                 DEBUG(5,("_samr_delete_dom_user:Failed to delete entry for user %s.\n", pdb_get_username(sam_pass)));
                 return NT_STATUS_CANNOT_DELETE;

         /* delete the unix side */

  ldapsam_delete_sam_account: Deleting user admin3 from LDAP.
[2004/11/01 20:01:56, 5] lib/smbldap.c:smbldap_search(963)
  smbldap_search: base => [dc=fsf,dc=tsu,dc=ru], filter => [(&(uid=admin3)(objectclass=sambaSamAccount))], scope => [2]
[2004/11/01 20:01:56, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(305)
  ldapsam_delete_entry: deleting attribute modifyTimestamp
[2004/11/01 20:01:56, 5] lib/smbldap.c:smbldap_modify(1009)
  smbldap_modify: dn => [uid=admin3,ou=Users,dc=fsf,dc=tsu,dc=ru]
[2004/11/01 20:01:56, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(328)
  ldapsam_delete_entry: Could not delete attributes for uid=admin3,ou=Users,dc=fsf,dc=tsu,dc=ru, error: Constraint violation (
modifyTimestamp: no user modification allowed)
[2004/11/01 20:01:56, 5] rpc_server/srv_samr_nt.c:_samr_delete_dom_user(3671)
  _samr_delete_dom_user:Failed to delete entry for user admin3.
[2004/11/01 20:01:56, 5] rpc_parse/parse_prs.c:prs_ntstatus(665)
      0014 status: NT_STATUS_CANNOT_DELETE

Samba tries to delete only his own sambaSamAttributes, but where are
unmodificable attributes in dn. I have no patch to fix, but I have
solution. If we set
>ldap delete dn = yes
and disable script
>#delete user script = .../

 then samba will delete dn and it will be ok.

Best regards,
Pavel Rochnyack                      mailto:rpv at

More information about the samba-technical mailing list