The Samba-Bugzilla – Bug 4296
with "ldap delete dn" group memberships should be cleaned up
Last modified: 2009-09-02 05:16:34 UTC
when a user is deleted and "ldap delete dn" is set, Samba should clean up all memberUID entries in groups, too. Currently those memberUID entries are kept untouched.
we can do this but only for ldapsam:editposix=yes
as ldap delete dn does not use the ldap scripts I think the memberUID attributes should also be cleaned up if editposix is not used
Created attachment 4374 [details]
patch for pdb_ldap delete user path
This patch tries first to remove all membership before the real account deletion.
Created attachment 4624 [details]
same patch that cleanly applies to 3-4-test
Karolin, please pick for 3.4.1.
Pushed, closing out bug report.