Recommended procedure for deleting an LDAP user
Affects | Status | Importance | Assigned to | Milestone |
---|---|---|---|---|
StarlingX | Fix Released | Medium | Elisamara Aoki Gonçalves | |
Bug Description
Brief Description
-----------------
Recommend the steps for a safe delete of ldap linux account.
The following steps describe the procedure to delete ldap linux accounts.
1. Create a new LDAP user with command "sudo ldapusersetup", if not already created.
2. Check that the linux user has been created on the cloud platform using one of the commands:
id <username>
getent passwd <username>
3. ssh to the cloud platform as the new ldap user and change the initial password when prompted at first login.
4. Check that the user's home directory was created as "/home/<username>".
5. Delete ldap user with command "sudo ldapdeleteuser <username>"
6. Check that the ldap user was removed from the local ldap server using the "sudo ldapsearch -x -LLL -b dc=cgcs,dc=local" or "sudo ldapfinger <username>" commands.
7. SSSD service will sync-up ldap linux users from the ldap server and this can take several minutes because it is done according to "ldap_enumerati
8. Check that the local ldap linux user was removed from the cloud platform, using "id <username>" or "getent passwd <username>" commands.
9. Check that the user linux home directory still exists after the user has been removed. The home directory cleanup is the responsibility of the customer.
Severity
--------
<Minor: System/Feature is usable with minor issue>
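
An added example, not part of the original report or of StarlingX: a POSIX shell helper that automates the checks in steps 7 to 9 by polling `getent passwd` until SSSD has dropped the deleted user and then reporting a leftover home directory. The function names and the `POLL_INTERVAL`, `MAX_WAIT` and `HOME_BASE` variables are assumptions made for this sketch.

```shell
# Added example: verify steps 7-9 after "sudo ldapdeleteuser <username>".
# POLL_INTERVAL, MAX_WAIT and HOME_BASE are assumed knobs, not StarlingX settings.
POLL_INTERVAL=${POLL_INTERVAL:-30}
MAX_WAIT=${MAX_WAIT:-900}
HOME_BASE=${HOME_BASE:-/home}

# Succeeds while the account is still resolvable through NSS/SSSD.
user_resolves() {
    getent passwd "$1" >/dev/null 2>&1
}

# Poll until SSSD has dropped the user; return 1 if MAX_WAIT seconds pass first.
wait_for_removal() {
    waited=0
    while user_resolves "$1"; do
        [ "$waited" -ge "$MAX_WAIT" ] && return 1
        sleep "$POLL_INTERVAL"
        waited=$((waited + POLL_INTERVAL))
    done
    return 0
}

# Print the home directory path if it survived the deletion (step 9).
leftover_home() {
    if [ -d "$HOME_BASE/$1" ]; then
        printf '%s\n' "$HOME_BASE/$1"
    fi
}

verify_deleted() {
    # Reject empty names, option-like names and unexpected characters.
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) echo "invalid username" >&2; return 2 ;;
    esac
    if ! wait_for_removal "$1"; then
        echo "FAIL: $1 still resolves after ${MAX_WAIT}s" >&2
        return 1
    fi
    echo "OK: $1 no longer resolves"
    home=$(leftover_home "$1")
    if [ -n "$home" ]; then
        echo "NOTE: $home still exists; cleanup is left to the operator"
    fi
}

# Run only when a username is given on the command line.
if [ "$#" -gt 0 ]; then
    verify_deleted "$1"
fi
```

A non-zero exit status means the account was still resolvable when the wait expired, so the deletion should not be treated as complete.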
Changed in starlingx:
assignee: nobody → Elisamara Aoki Gonçalves (egoncalv)
Changed in starlingx:
importance: Undecided → Medium
Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/docs/+/901833