Hi Ethan,
This is not a problem with AD, but what appears to be a bug or edge case that's not accounted for with the vCO implementation of the AD:Computer.destroy method.
To reproduce, follow these steps (I used a Windows 2008 R2 DC running at an equivalent domain functional level):
- create a computer object in AD
- select the computer object in Active Directory Users and Computers
- select action, then new, then shared folder
- use any mapping (the mapping doesn't have to exist on your network)
- if you attempt to delete the object using vCO, you will get LDAP error 66, cannot delete non-leaf node. This is because a shared folder is the child of the computer object. I assume the same would occur for printer objects, or any other objects that are created below the computer object.
Maybe these steps will allow VMware to improve their plugin for this case?