go-ldap / ldap

Basic LDAP v3 functionality for the GO programming language.

What is the correct way to delete a non-leaf node #407

Open aesoper101 opened 1 year ago

aesoper101 commented 1 year ago

Hi, I have a non-leaf node in an OpenLDAP directory. I want to delete the node. One approach is to delete all the children from the bottommost level in the tree and then finally delete the non-leaf node. Is there any other approach to solve this issue?

When I try to delete the non-leaf node, it sends me the following exception:

LDAP Result Code 66 "Not Allowed On Non Leaf": subordinate objects must be deleted first

cpuschma commented 1 year ago

You'll have to empty the container first before you can delete it. You can also use the Subtree Delete Control within your delete request to delete all child elements.

https://github.com/go-ldap/ldap/blob/7d3b8d48feec050af443cf1a4281cf965416f5ab/control.go#L533-L535

aesoper101 commented 1 year ago

@cpuschma Hi, I had used the Subtree Delete Control like this:

func TestDeleteNonLeafNode(t *testing.T) {
    conn, err := ldap.DialURL("ldap://localhost:389")
    assert.Nil(t, err)
    assert.NotNil(t, conn)

    defer conn.Close()

    control := make([]ldap.Control, 0)
    control = append(control, ldap.NewControlSubtreeDelete())

    simpleBindRequest := ldap.NewSimpleBindRequest("cn=admin,dc=example,dc=org", "admin", control)

    _, err = conn.SimpleBind(simpleBindRequest)
    assert.Nil(t, err)

    delReq := ldap.NewDelRequest("o=test,dc=example,dc=org", control)
    err = conn.Del(delReq)
    t.Log(err)
    assert.Nil(t, err)
}

but it is not working

james-d-elliott commented 1 year ago

Can you show the ldap.Error field values?

kumo-rn5s commented 1 year ago

Hi, I got the same error. I just discovered that my LDAP server did not have the SubtreeDelete Control enabled.

JesseCoretta commented 1 day ago

Just chiming in -- I was able to make the above function work without issues on my test system - subtree deleted 107 entries (not including the parent) on the first try.

Before:

$ ldapsearch -LLLxb ou=Terminated,ou=People,dc=example,dc=com -s one dn

... 107 fake entries omitted ...

For simplicity, I just added the above function to control_test.go. I only had to replace the "assert" checkers with explicit manual checks (e.g: if err != nil { ... }), no other changes.

Delete:

$ go test -run TestDeleteNonLeafNode .
ok      github.com/go-ldap/ldap 0.034s

After:

$ ldapsearch -LLLxb ou=Terminated,ou=People,dc=example,dc=com -s one dn
No such object (32)

james-d-elliott commented 1 day ago

> Hi, I got the same error. I just discovered that my LDAP server did not have the SubtreeDelete Control enabled.

Which control OID is that? 1.2.840.113556.1.4.805?

JesseCoretta commented 1 day ago

> > Hi, I got the same error. I just discovered that my LDAP server did not have the SubtreeDelete Control enabled.
>
> Which control OID is that? 1.2.840.113556.1.4.805?

Yes that seems to be correct. I can trace that OID to a const in control.go.

$ ldapsearch -LLLb '' -s base -x supportedControl=1.2.840.113556.1.4.805 supportedControl

dn:
supportedControl: 1.2.826.0.1.3344810.2.3
supportedControl: 1.2.840.113556.1.4.1413
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 1.2.840.113556.1.4.805  <--- here
supportedControl: 1.3.6.1.1.12
supportedControl: 1.3.6.1.1.13.1
supportedControl: 1.3.6.1.1.13.2
supportedControl: 1.3.6.1.4.1.26027.1.5.2
supportedControl: 1.3.6.1.4.1.42.2.27.8.5.1
supportedControl: 1.3.6.1.4.1.42.2.27.9.5.2
supportedControl: 1.3.6.1.4.1.42.2.27.9.5.8
supportedControl: 1.3.6.1.4.1.4203.1.10.1
supportedControl: 1.3.6.1.4.1.4203.1.10.2
supportedControl: 1.3.6.1.4.1.7628.5.101.1
supportedControl: 2.16.840.1.113730.3.4.12
supportedControl: 2.16.840.1.113730.3.4.16
supportedControl: 2.16.840.1.113730.3.4.17
supportedControl: 2.16.840.1.113730.3.4.18
supportedControl: 2.16.840.1.113730.3.4.19
supportedControl: 2.16.840.1.113730.3.4.2
supportedControl: 2.16.840.1.113730.3.4.3
supportedControl: 2.16.840.1.113730.3.4.4
supportedControl: 2.16.840.1.113730.3.4.5
supportedControl: 2.16.840.1.113730.3.4.9

... which indicates my server supports it.
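
Added example (not part of the thread and not go-ldap code): the two checks discussed above in stdlib-only Go, assuming the caller has already read the rootDSE `supportedControl` values and collected the subtree's DNs with a search. `supportsSubtreeDelete`, `splitDN` and `deletionOrder` are hypothetical helper names; when the control is not advertised, the returned order deletes children before parents and refuses any DN outside the intended base.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

const subtreeDeleteOID = "1.2.840.113556.1.4.805" // Subtree Delete OID quoted in the thread

// supportsSubtreeDelete checks rootDSE supportedControl values for an exact OID match.
func supportsSubtreeDelete(controls []string) bool {
	for _, oid := range controls {
		if strings.TrimSpace(oid) == subtreeDeleteOID {
			return true
		}
	}
	return false
}

// splitDN splits a DN into RDNs at unescaped commas ("\," stays inside an RDN).
func splitDN(dn string) (rdns []string) {
	start := 0
	for i := 0; i < len(dn); i++ {
		if dn[i] == '\\' {
			i++ // skip the escaped character
		} else if dn[i] == ',' {
			rdns = append(rdns, strings.TrimSpace(dn[start:i]))
			start = i + 1
		}
	}
	return append(rdns, strings.TrimSpace(dn[start:]))
}

// deletionOrder sorts found in place, deepest first, and rejects DNs outside base.
func deletionOrder(base string, found []string) ([]string, error) {
	b := splitDN(base)
	for _, dn := range found {
		r := splitDN(dn)
		if len(r) < len(b) || !strings.EqualFold(strings.Join(r[len(r)-len(b):], ","), strings.Join(b, ",")) {
			return nil, fmt.Errorf("refusing %q: not under %q", dn, base)
		}
	}
	sort.SliceStable(found, func(i, j int) bool { return len(splitDN(found[i])) > len(splitDN(found[j])) })
	return found, nil
}

func main() { // constructed sample DNs, not from the thread
	fmt.Println(deletionOrder("o=test,dc=example,dc=org", []string{"o=test,dc=example,dc=org", "cn=a,ou=x,o=test,dc=example,dc=org", "ou=x,o=test,dc=example,dc=org"}))
}
```

The suffix comparison here is a case-insensitive match on RDN strings, which is a simplification of full DN matching rules.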