I would like to have a single LDAP command that would delete an entire OU atomically, including all children. I see there's a command for the Windows command line:

Delete an Organizational Unit

dsrm <OrganizationalUnitDN> [-subtree]

That -subtree option deletes children too. Is there a way to do that using LDAP?

Bonus points, if someone knows how to do that using the ActiveLdap gem. But I will be extending ActiveLdap to include this functionality otherwise. Thanks!

A: 

Several LDAP tools implement this in their interfaces. LDAPBrowser comes to mind (Gowars LDAP Browser). I have not looked at the low level of how it does it, but I imagine it retrieves a list of DNs of the objects subordinate to the container, then deletes them one by one.

Doing it any other way would depend on the LDAP server supporting some function to do it. Most that I am aware of do not support such an operation directly. Rather, any tools that implement it fake it the way described above.

geoffc
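
The approach this answer describes (list the DNs below the container, then delete them one by one), as an added Ruby example that is not part of the original answer and is not ActiveLdap code. `FakeDirectory`, `SAMPLE_DNS` and every method name are hypothetical stand-ins for a real LDAP connection, and the DNs are constructed.

```ruby
# Added example. FakeDirectory is a constructed in-memory stand-in for an
# LDAP connection; SAMPLE_DNS are constructed entries.
SAMPLE_DNS = [
  'DC=example,DC=com',
  'OU=Staff,DC=example,DC=com',
  'OU=Temps,OU=Staff,DC=example,DC=com',
  'CN=Smith\, John,OU=Temps,OU=Staff,DC=example,DC=com',
  'CN=Ann,OU=Staff,DC=example,DC=com',
  'OU=Sales,DC=example,DC=com'
].freeze

# Split a DN into RDNs, honouring backslash-escaped commas.
def split_dn(dn)
  dn.scan(/(?:\\.|[^,\\])+/).map { |rdn| rdn.strip.downcase }
end

# True when dn is base itself or sits below it.
def under_base?(dn, base)
  d, b = split_dn(dn), split_dn(base)
  d.length >= b.length && d.last(b.length) == b
end

# Deepest entries first; refuse any DN that is outside the target subtree.
def deletion_order(dns, base)
  stray = dns.reject { |dn| under_base?(dn, base) }
  raise ArgumentError, "outside #{base}: #{stray.inspect}" unless stray.empty?
  dns.sort_by { |dn| -split_dn(dn).length }
end

class FakeDirectory
  attr_reader :entries
  def initialize(dns)
    @entries = dns.dup
  end

  def search_subtree(base)
    @entries.select { |dn| under_base?(dn, base) }
  end

  # Like a real server, refuse to delete an entry that still has children.
  def delete(dn)
    raise "notAllowedOnNonLeaf: #{dn}" if @entries.any? { |e| e != dn && under_base?(e, dn) }
    @entries.delete(dn)
  end
end

# Returns the DNs removed, in order. Not atomic: a failure leaves a partial delete.
def delete_subtree(dir, base)
  deletion_order(dir.search_subtree(base), base).each { |dn| dir.delete(dn) }
end
```

Because each entry is a separate delete operation, a failure partway through leaves the entries already removed gone; the scope check in `deletion_order` keeps a bad search result from touching anything outside the target OU.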