deleting a machine account from a domain.

Andrew Bartlett abartlet at
Tue Aug 16 05:41:08 GMT 2005

On Tue, 2005-08-16 at 06:34 +0100, vira gc wrote:
> Hi,
>   Thanks for the reply. I am looking for RPC APIs to
> do the same job. I need to delete existing machine
> account   using those APIs from inside a program. 
>   I went through the 'net' utility implementaion. I
> could see only ADS leave and no RPC leave or delete as
> far as machine account is considered.

Did you not understand my earlier point?  The 'leave' is just a delete,
with the exception that in 'net ads leave', it attempts to use the
permission given at join time to delete itself.  In any case, the
underlying operation you want is a delete (by LDAP or RPC, it doesn't
matter) of machinename$ from the DC.

>   If there are no RPC APIs then what is the best way
> to delete the already existing machine account. Can we
> use LDAP API's to delete?

That is what the 'net ads leave' does.  In both cases, these utilities
back onto C code (what else!), and you could in theory call that code
from your custom utility that linked with Samba.

Andrew Bartlett

Andrew Bartlett                      
Samba Developer, SuSE Labs, Novell Inc.
Authentication Developer, Samba Team 
Student Network Administrator, Hawker College
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list