Deleting an Object

There is not much difference between deleting a leaf node and deleting a container that has child objects. However, there is a distinction in what is happening in the background.

Deleting an object that has no children can be done with a simple LDAP delete operation. On the other hand, to delete a container and its children, the tree delete LDAP control has to be used. If you were to do the deletion from an LDAP-based tool like LDP, you would first need to enable the Subtree Delete control, which has an OID of 1.2.840.113556.1.4.805. LDP provides another option to do a Recursive Delete from the client side. That will essentially iterate through all the objects in the container, deleting them one by one. The Subtree Delete is more efficient, especially when dealing with large containers.

Using a graphical user interface

  1. Open ADSI Edit.
  2. If an entry for the naming context you want to browse is not already displayed, do the following:
    1. Right-click on ADSI Edit in the right pane and click Connect to….
    2. Fill in the information for the naming context, container, or OU where the object you want to delete is contained. Click on the Advanced button if you need to enter alternate credentials.
  3. In the left pane, browse to the object you want to delete.
  4. Right-click on the object and select Delete.
  5. Click Yes to confirm.

Using a command-line interface

Use the following command to delete a single object:

> dsrm ""

Use the following command to delete a container and its child objects:

> dsrm "" -subtree

Using VBScript

strObjectDN = ""
 set objUser = GetObject("LDAP://" & strObjectDN)
 objUser.DeleteObject(0)