Open ADSI Edit and follow the same steps as in Recipe 4.20. The only difference is that you’ll be prompted to confirm twice instead of once before the deletion occurs.
The same code from Recipe 4.20 will also delete containers and objects contained within them.
As you can see from the solutions, there is not much difference between deleting a leaf node versus deleting a container that has child objects. However, there is a distinction in what is happening in the background.
Deleting an object that has no children can be done with a simple LDAP delete operation. On the other hand, to delete a container and its children, the tree-delete LDAP control has to be used. If you were to do the deletion from an LDAP-based tool like LDP, you would first need to enable the “Subtree Delete” control, which has an OID of 1.2.840.113556.1.4.805. LDP provides another option to do a “Recursive Delete” from the client side. That will essentially iterate through all the objects in the container, deleting them one by one. The Subtree Delete is much more efficient, especially when dealing with large containers.
Recipe 4.20 for deleting objects and MSDN: IADsDeleteOps::DeleteObject
Get Active Directory Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
