Soft delete request control
This control can be included in a delete request to hide a server entry so that it can only be retrieved with a request that includes the Soft deleted entry access request control or a filter which includes an "(objectClass=ds-soft-deleted-entry)" component. A soft-deleted entry can be restored with the same or a different DN using the Undelete request control.
The _controls array must include the value-json attribute with the return-soft-delete-response-control value, which is a mandatory boolean specifying whether the soft delete response control should be returned. This response control includes the DN of the soft-deleted entry in the soft-deleted-entry-dn attribute.
The following sample shows the JSON encoding for the control:
{
"oid":"1.3.6.1.4.1.30221.2.5.20",
"control-name":"Soft Delete Request Control",
"criticality":true,
"value-json":
{
"return-soft-delete-response-control":true
}
}For a soft delete to succeed, there must be a soft delete policy created and set via the global configuration. The following commands set a basic soft delete policy.
dsconfig create-soft-delete-policy --policy-name 'Soft Delete Policy'
dsconfig set-global-configuration-prop --set 'soft-delete-policy:Soft Delete Policy'Learn more about the following related request controls: