Bug 4818 - Feature request: Recursive directory operations
Feature request: Recursive directory operations
Product: Samba 4.0
Classification: Unclassified
Component: Other
All All
: P3 normal
: ---
Assigned To: Andrew Bartlett
Andrew Bartlett
Depends on:
  Show dependency treegraph
Reported: 2007-07-25 16:04 UTC by Matthias Dieter Wallnöfer
Modified: 2007-10-24 15:38 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Matthias Dieter Wallnöfer 2007-07-25 16:04:00 UTC
- I've seen some problems regarding recursive directory operations: for example when I wanted do delete a subtree in ADUC (or I think also in ADSI Edit) only the root is removed. The same symptoms also when renaming a subtree. The move operation is probably also affected, but I couldn't reproduce that because it isn't yet working alright (bug 4806 - comment 5).
- Another thing: When for example positions of user or machine objects change in the directory, then there have to be updated also the references in group objects (attribute "member"). Similar things when renaming or deleting such an object.
- I would also like to see some protection for essential AD objects, that are created during provisioning. They shouldn't be deleted or moved (user Administrator, group Domain Admins ...) maybe only renamed. But that has to be implemented in accordance with the Windows Server behaviour.
Comment 1 Matthias Dieter Wallnöfer 2007-08-23 01:11:21 UTC
Since it's not really a bug, I'll mark it as a feature request.
Comment 2 Matthias Dieter Wallnöfer 2007-08-30 01:31:16 UTC
So it seems that subtree renames are now possible, but not subtree deletes. I'm right?
Comment 3 Andrew Bartlett 2007-08-30 01:41:54 UTC
I've not yet looked into subtree deletes.  Subtree renames are not possible, the module doesn't work yet (and is quite a nightmare...). 
Comment 4 Andrew Bartlett 2007-10-18 00:53:06 UTC
Subtree renames are now supported.  I'll add subtree deletes shortly.
Comment 5 Matthias Dieter Wallnöfer 2007-10-18 08:03:44 UTC
How can I reproduce it? I tested it with two nested OUs in ADUC, but it didn't work!
Comment 6 Andrew Bartlett 2007-10-18 17:09:20 UTC
You will need a new provision, as we updated the module list.
Comment 7 Andrew Bartlett 2007-10-22 21:47:42 UTC
As far as I can tell, subtree delete does not exist:

[abartlet@ruth source]$ bin/ldbdel -H ldap:// -Uadministrator%penguin12# OU=Test\ OU,DC=ad,DC=ruth,DC=abartlet,dc=net
delete of 'OU=Test OU,DC=ad,DC=ruth,DC=abartlet,dc=net' failed - LDAP error 66 LDAP_NOT_ALLOWED_ON_NON_LEAF -  <0000208C: UpdErr: DSID-030A048D, problem 6003 (CANT_ON_NON_LEAF), data 0
> <>

I'm going to call this fixed for now.  Let me know if there are any other issues
Comment 8 Matthias Dieter Wallnöfer 2007-10-23 17:56:31 UTC
Andrew, could it be that we mean something different? I filed the bug about the missing recursive operations in the ADUC console. I tested Samba 4 SVN with your changes recently (included with a fresh provision) but the behavior is unchanged (f.e. two nested OU's I rename the outer one and the DN of the inner one isn't displayed anymore. When I name the outer one back to the original, the inner is available again and so on...)
Comment 9 Andrew Bartlett 2007-10-24 00:43:43 UTC
Thankyou very much for your persistence as ever.

It turned out that I broke it when making one final change, and didn't retest.  Also, the ejs based test was broken. 

I've fixed the test, and the code, and it should all work now (-r 25710).

I've also verified it in MMC.
Comment 10 Matthias Dieter Wallnöfer 2007-10-24 12:28:44 UTC
Andrew, another problem (that what I called subtree delete): try to create a OU in ADUC console with one or more nested objects. Remove then the root OU and recreate it using the same name. You'll see that the subobjects are kept in the directory. 
Comment 11 Andrew Bartlett 2007-10-24 15:38:55 UTC
Can you please place those comments on bug 5037?