net ads leave needs to try account deletion, NetUnjoinDomain not. Reference: http://msdn.microsoft.com/en-us/library/aa370644%28VS.85%29.aspx
NetDomainUnjoin() never deletes accounts. The delete flag is deceiving, because it actually disables the account rather than deleting it. We need to change libnetapi to do the same. However, libnet still needs to be able to delete in order to perform "net ads leave" as we have in the past. Also, libnet DomainUnjoin needs to be able to delete the local secrets data without first disabling or deleting, if so requested. This matches windows behavior. (e.g. try using local admin to leave a domain...the account will still exist and be enabled on the DC, but the machine will no longer think it is in the domain).
pushed fix with 7930f15f5dce0dd72b354f903a758b03988371b8
Created attachment 4335 [details] 7930f15f5dce0dd72b354f903a758b03988371b8 backported to 3.3
Created attachment 4338 [details] 7930f15f5dce0dd72b354f903a758b03988371b8 backported to 3.3 Previous one had a compile error
Created attachment 4339 [details] 7930f15f5dce0dd72b354f903a758b03988371b8 backported to 3.2
Günther, can you look at these?
We found a small error still in the patch that would break the use of NetUnJoin() in non-AD setups.
Created attachment 4361 [details] updated backport to 3.4
Created attachment 4362 [details] updated backport to 3.3
Created attachment 4363 [details] updated backport to 3.2
Karolin, your turn now :)
Pushed to v3-2-test, v3-3-test and v3-4-test. Closing out bug report. Thanks!