deleting users from ldap

Richard Renard rrenard at idealx.com
Mon Nov 1 22:30:06 GMT 2004 

On Mon, Nov 01, 2004 at 08:36:33PM +0600, rpv_muma wrote:
> After changing places of deleting unix and samba side LDAP records as
> I wrote up we have following errors:
> 
> rpc_server/srv_samr_nt.c:smb_delete_user
> 
>          /* and delete the samba side */
>          if (!pdb_delete_sam_account(sam_pass)) {
>                  DEBUG(5,("_samr_delete_dom_user:Failed to delete entry for user %s.\n", pdb_get_username(sam_pass)));
>                  pdb_free_sam(&sam_pass);
>                  return NT_STATUS_CANNOT_DELETE;
>          }
> 
>          /* delete the unix side */
>          smb_delete_user(pdb_get_username(sam_pass));
> 
> 
>   ldapsam_delete_sam_account: Deleting user admin3 from LDAP.
> [2004/11/01 20:01:56, 5] lib/smbldap.c:smbldap_search(963)
>   smbldap_search: base => [dc=fsf,dc=tsu,dc=ru], filter => [(&(uid=admin3)(objectclass=sambaSamAccount))], scope => [2]
> [2004/11/01 20:01:56, 10] passdb/pdb_ldap.c:ldapsam_delete_entry(305)
>   ldapsam_delete_entry: deleting attribute modifyTimestamp
> [2004/11/01 20:01:56, 5] lib/smbldap.c:smbldap_modify(1009)
>   smbldap_modify: dn => [uid=admin3,ou=Users,dc=fsf,dc=tsu,dc=ru]
> [2004/11/01 20:01:56, 0] passdb/pdb_ldap.c:ldapsam_delete_entry(328)
>   ldapsam_delete_entry: Could not delete attributes for uid=admin3,ou=Users,dc=fsf,dc=tsu,dc=ru, error: Constraint violation (
> modifyTimestamp: no user modification allowed)
> [2004/11/01 20:01:56, 5] rpc_server/srv_samr_nt.c:_samr_delete_dom_user(3671)
>   _samr_delete_dom_user:Failed to delete entry for user admin3.
> ...
> [2004/11/01 20:01:56, 5] rpc_parse/parse_prs.c:prs_ntstatus(665)
>       0014 status: NT_STATUS_CANNOT_DELETE
> 
> Samba tries to delete only his own sambaSamAttributes, but where are
> unmodificable attributes in dn. I have no patch to fix, but I have
> solution. If we set
> >ldap delete dn = yes
> and disable script
> >#delete user script = .../smbldap-userdel.pl
> 
>  then samba will delete dn and it will be ok.
Hi,

This problem has already been resolved and then should be fixed in
3.0.8.
If you can try 3.0.8-pre2 and see if you can reproduce your problem.

Richard.

-- 
Richard Renard
rrenard at idealx.com

More information about the samba-technical mailing list