StarlingX

Recommended procedure for deleteing a ldap user

Bug #2044541 reported by Elisamara Aoki Gonçalves
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Medium
Elisamara Aoki Gonçalves

Bug Description

Brief Description
-----------------
Recommend the steps for a safe delete of ldap linux account.

The following steps describe the procedure to delete ldap linux accounts.

1. Create a new LDAP user with command "sudo ldapusersetup", if not already created.

2. Check that the linux user has been created on the cloud platform using one of the commands:

id <username>
getent passwd <username>
 3. ssh to the cloud platform as the new ldap user and change the initial password when prompted at first login.

 4. Check that the user's home directory was created as "/home/<username>".

 5. Delete ldap user with command "sudo ldapdeleteuser <username>"

 6. Check that the ldap user was removed from the local ldap server using the "sudo ldapsearch -x -LLL -b dc=cgcs,dc=local" or "sudo ldapfinger <username>" commands.

 7. SSSD service will sync-up ldap linux users from the ldap server and this can take several minutes because is done according to "ldap_enumeration_refresh_timeout" time interval setting.

 8. Check that the local ldap linux user was removed from the cloud platform, using "id <username>" or "getent passwd <username>" commands.

 9. Check that the user linux home directory still exists after the user has been removed. The home directory cleanup is the responsibility of the customer.

Severity
--------

<Minor: System/Feature is usable with minor issue>

Elisamara Aoki Gonçalves (egoncalv)
Changed in starlingx:
assignee: nobody → Elisamara Aoki Gonçalves (egoncalv)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to docs (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/docs/+/901833

Changed in starlingx:
status: New → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to docs (r/stx.8.0)

Fix proposed to branch: r/stx.8.0
Review: https://review.opendev.org/c/starlingx/docs/+/902075

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (master)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/901833
Committed: https://opendev.org/starlingx/docs/commit/4f165f00ac664c5e111399b97e7e51bf60da0e3e
Submitter: "Zuul (22348)"
Branch: master

commit 4f165f00ac664c5e111399b97e7e51bf60da0e3e
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Fri Nov 24 13:44:50 2023 +0000

    Procedure for deleteing a ldap user (r8,dsR8)

    Add procedure to safe delete a ldap linux account.

    Closes-bug: 2044541

    Change-Id: I6871d97c2f92b8b67b62f5034feecd466781fb81
    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (r/stx.8.0)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/902075
Committed: https://opendev.org/starlingx/docs/commit/1272080f423752e69852216b79f4ee4fa6684419
Submitter: "Zuul (22348)"
Branch: r/stx.8.0

commit 1272080f423752e69852216b79f4ee4fa6684419
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Fri Nov 24 13:44:50 2023 +0000

    Procedure for deleteing a ldap user (r8,dsR8)

    Add procedure to safe delete a ldap linux account.

    Closes-bug: 2044541

    Change-Id: I6871d97c2f92b8b67b62f5034feecd466781fb81
    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>

Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Medium
Revision history for this message
Elisamara Aoki Gonçalves (egoncalv) wrote :

Opening bug as there were new comments added after update was merged

Changed in starlingx:
status: Fix Released → In Progress
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to docs (r/stx.8.0)

Fix proposed to branch: r/stx.8.0
Review: https://review.opendev.org/c/starlingx/docs/+/912064

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (master)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/906107
Committed: https://opendev.org/starlingx/docs/commit/117b265378d6ab4866225360f9949ccb2ec51cef
Submitter: "Zuul (22348)"
Branch: master

commit 117b265378d6ab4866225360f9949ccb2ec51cef
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Fri Jan 19 13:16:03 2024 +0000

    Update procedure for deleting ldap user (r8,dsR8)

    Applying comments made in merged review https://review.opendev.org/c/starlingx/docs/+/901833

    Closes-bug: 2044541

    Change-Id: Icd3293abec74e373b23d0b2f0540557ea9c5504c
    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to docs (r/stx.8.0)

Reviewed: https://review.opendev.org/c/starlingx/docs/+/912064
Committed: https://opendev.org/starlingx/docs/commit/ab31a4459bdc665c52811e7cdbfb4fbd7d0dfac7
Submitter: "Zuul (22348)"
Branch: r/stx.8.0

commit ab31a4459bdc665c52811e7cdbfb4fbd7d0dfac7
Author: Elisamara Aoki Goncalves <email address hidden>
Date: Fri Jan 19 13:16:03 2024 +0000

    Update procedure for deleting ldap user (r8,dsR8)

    Applying comments made in merged review https://review.opendev.org/c/starlingx/docs/+/901833

    Closes-bug: 2044541

    Change-Id: Icd3293abec74e373b23d0b2f0540557ea9c5504c
    Signed-off-by: Elisamara Aoki Goncalves <email address hidden>

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.