When trying to delete a role using dsidm, the proper deletion message is produced, yet the role being deleted is still present.

389-ds-base-3.0.5-2.el10.x86_64
also applicable for 389-ds-base-2.5.2-2.el9_5.x86_64

1. Create a managed role using "dsidm role create-managed"
2. Delete the role using "dsidm role delete"
3. Verify the role is gone using "dsidm role list" or "dsidm role get"

# dsidm localhost -b dc=example,dc=com role list
No objects to display

# dsidm localhost -b dc=example,dc=com role create-managed --cn test_role
Successfully created test_role

# dsidm localhost -b dc=example,dc=com role list
test_role

# dsidm -v localhost -b dc=example,dc=com role delete cn=test_role,dc=example,dc=com
DEBUG: The 389 Directory Server Identity Manager
DEBUG: Inspired by works of: ITS, The University of Adelaide
DEBUG: dsrc path: /root/.dsrc
DEBUG: dsrc container path: /data/config/container.inf
DEBUG: dsrc instances: []
DEBUG: dsrc no such section: slapd-localhost
DEBUG: Called with: Namespace(verbose=True, json=False, 
instance='localhost', basedn='dc=example,dc=com', binddn=None, 
bindpw=None, prompt=False, pwdfile=None, starttls=False, 
dn='cn=test_role,dc=example,dc=com', func=<function delete at 
0x7f687492ccc0>)
DEBUG: Instance details: {'uri': 'localhost', 'basedn': 
'dc=example,dc=com', 'binddn': None, 'bindpw': None, 'saslmech': None, 
'tls_cacertdir': None, 'tls_cert': None, 'tls_key': None, 'tls_reqcert':
 None, 'starttls': False, 'prompt': False, 'pwdfile': None, 'args': 
{'ldapurl': 'localhost', 'root-dn': None}}
DEBUG: Allocate <class 'lib389.DirSrv'> with ldapi://%2frun%2fslapd-localhost.socket
DEBUG: Allocate <class 'lib389.DirSrv'> with %2frun%2fslapd-localhost.socket
DEBUG: Allocate <class 'lib389.DirSrv'> with prereserve-1mt-rhel-10.0-20241220.0-5973-2025-01-09-08-51:389
DEBUG: Allocate <class 'lib389.DirSrv'> with prereserve-1mt-rhel-10.0-20241220.0-5973-2025-01-09-08-51:389
DEBUG: Allocate <class 'lib389.DirSrv'> with ldapi://%2frun%2fslapd-localhost.socket
DEBUG: Allocate <class 'lib389.DirSrv'> with %2frun%2fslapd-localhost.socket
DEBUG: Allocate <class 'lib389.DirSrv'> with prereserve-1mt-rhel-10.0-20241220.0-5973-2025-01-09-08-51:389
DEBUG: Allocate <class 'lib389.DirSrv'> with prereserve-1mt-rhel-10.0-20241220.0-5973-2025-01-09-08-51:389
DEBUG: open(): Connecting to uri ldapi://%2frun%2fslapd-localhost.socket
DEBUG: Using dirsrv ca certificate /etc/dirsrv/slapd-localhost
DEBUG: Using external ca certificate /etc/dirsrv/slapd-localhost
DEBUG: Using /etc/openldap/ldap.conf certificate policy
DEBUG: ldap.OPT_X_TLS_REQUIRE_CERT = 2
DEBUG: open(): Using root autobind ...
DEBUG: open(): bound as None
DEBUG: Retrieving entry with [('',)]
DEBUG: Retrieved entry [dn:

vendorVersion: 389-Directory/3.0.5 B2024.351.0000
]
Deleting Role cn=test_role,dc=example,dc=com :
Type 'Yes I am sure' to continue: Yes I am sure
DEBUG: cn=test_role,dc=example,dc=com delete
Successfully deleted cn=test_role,dc=example,dc=com
INFO: Command successful.

# dsidm localhost -b dc=example,dc=com role list
test_role

# dsidm localhost -b dc=example,dc=com role get test_role
dn: cn=test_role,dc=example,dc=com
cn: test_role
objectClass: nsSimpleRoleDefinition
objectClass: nsManagedRoleDefinition
objectClass: nsRoleDefinition
objectClass: ldapSubEntry
objectClass: top

Role should be properly deleted and not present