Directory Services


The LDAP_SERVER_TREE_DELETE_OID control is used with an extended LDAP delete function to delete an entire subtree in the directory.

To use this control, set the members of the LDAPControl structure as follows:

struct berval ldctl_value = {0, NULL};
BOOLEAN ldctl_iscritical;


LDAP_SERVER_TREE_DELETE_OID, which is defined as "1.2.840.113556.1.4.805".
No data for this control. In the berval structure, set bv_len to zero and bv_val to NULL.
Can be TRUE or FALSE depending on whether the operation is critical to your application.


The Tree Delete control is used with the extended delete functions, such as ldap_delete_ext, to delete an entire directory subtree. This control must be exclusively used with the LDAP DelRequest message and will be ignored if used otherwise. However, if the criticality field is set to True and the control is used with other than the DelRequest message, the request will fail and return an UnsupportedCriticalExtension error. Server authentication of proper user permissions before completing the operation is required.

Error Message:

value description
InsufficientAccessRights (50) This error message is returned from the server if the authenticated user does not possess the proper permissions to exercise this control.
UnwillingToPerform (53) This error message is returned when the server is not the authority for the selected tree or when the container contains platform specific restraints against deletion.
AdminLimitExceeded (11) This error message is returned when the limit of the number of objects that can be deleted in one operation is exceeded. However, all objects processed up to the limit will be deleted. The DelRequest with the Tree Delete control may be resubmitted until a success response is received.

If a Tree Delete control request fails, it may be retried with no adverse effects.


Client: Included in Windows XP and Windows 2000 Professional.
Server: Included in Windows Server 2003 and Windows 2000 Server.
Redistributable: Requires Active Directory Client Extension on Windows NT 4.0 SP6a and Windows 95/98/Me.
Header: Declared in Winldap.h.

See Also

Data Structures, LDAPMessage, Using Controls