Bug 4296 - with "ldap delete dn" group memberships should be cleaned up
with "ldap delete dn" group memberships should be cleaned up
Status: RESOLVED FIXED
Product: Samba 3.4
Classification: Unclassified
Component: Build environment
unspecified
Other Linux
: P3 normal
: ---
Assigned To: Karolin Seeger
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2006-12-14 10:10 UTC by Björn Jacke
Modified: 2009-09-02 05:16 UTC (History)
0 users

See Also:


Attachments
patch for pdb_ldap delete user path (2.23 KB, patch)
2009-06-30 07:07 UTC, Guenther Deschner
vl: review+
Details
same patch that cleanly applies to 3-4-test (2.21 KB, patch)
2009-09-02 05:08 UTC, Guenther Deschner
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Björn Jacke 2006-12-14 10:10:17 UTC
when a user is deleted and "ldap delete dn" is set, Samba should clean up all memberUID entries in groups, too. Currently those memberUID entries are kept untouched.
Comment 1 Guenther Deschner 2009-05-14 15:41:49 UTC
we can do this but only for ldapsam:editposix=yes
Comment 2 Björn Jacke 2009-05-14 15:52:19 UTC
as ldap delete dn does not use the ldap scripts I think the memberUID attributes should also be cleaned up if editposix is not used
Comment 3 Guenther Deschner 2009-06-30 07:07:12 UTC
Created attachment 4374 [details]
patch for pdb_ldap delete user path

This patch tries first to remove all membership before the real account deletion.
Comment 4 Guenther Deschner 2009-09-02 05:08:09 UTC
Created attachment 4624 [details]
same patch that cleanly applies to 3-4-test
Comment 5 Guenther Deschner 2009-09-02 05:08:57 UTC
Karolin, please pick for 3.4.1.
Comment 6 Karolin Seeger 2009-09-02 05:16:34 UTC
Pushed, closing out bug report.

Thanks!