This page explains how to delete an orphan user
As user admin open the dashboard and go to Identity –> Users
Click on the Orphan users tab
Check if there are users whose account expired more than a couple of months ago
Let's suppose that the account piano@infn.it expired a while ago and you want to remove this account.
cld-ctrl-01# openstack user show piano@infn.it
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | cc6e6acda4eb4a92a7263099b8143810 |
| domain_id | default |
| email | stefano.piano@ts.infn.it |
| enabled | False |
| id | 77e128ef046843608ca98f5541032209 |
| name | piano@infn.it |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+ |
The involved steps are:
On cld-ctrl-01 run the script ~root /DeletedUsers/delete-user.sh using the Openstack username as argument
The script takes another optional argument: the reason for the deletion. If not specified the default reason is 'Expired'.
[root@cld-ctrl-01 ~]# cd ~/DeletedUsers/ [root@cld-ctrl-01 DeletedUsers]# ./delete-user.sh piano@infn.it |
The script prints the username and the userid of the user
Then it checks if the user still owns VMs and/or volumes
If and only if the user doesn't own any resource, the script updates the file ~/DeletedUsers/list_of_deleted_users.csv with the information that must be saved for this user
If and only if the user doesn't own any resource, proceed with next step
Run the script delete_user.sh which takes as argument the email address of the user
cd /root/bin ./delete-user.sh stefano.piano@ts.infn.it |
This script:
Edit /home/chrootusers/etc/passwd and remove the line corresponding to the just deleted user
Remove the user from OpenStack using the dashboard