This chapter describes how to remove users, groups, and Calendar resources from a domain, and how to remove services (such as mail service) from users in a domain.
This procedure requires three main tasks:
Mark users or services for deletion.
You can use the Delegated Administrator console or commadmin command to perform this task.
Remove the application resources for that user or group.
You use the application's utility to perform this task.
After an LDAP entry or service has been marked as deleted in the directory, you must run a utility that removes resources such as mailboxes or calendars before the entry or service can be purged from the directory:
For mail services, the command is called msuserpurge.
In Calendar Server 7, for calendar services, the command is davadmin and in Calendar Server 6, for calendar services, the command is csclean.
If instant messaging (Instant Messaging Server) service has been marked as deleted, the commadmin domain purge command purges Instant Messaging Server service from the directory. You do not have to run an Instant Messaging Server-specific utility to remove Instant Messaging Server resources, as you do for mail or calendar service.
If contacts service has been marked as deleted, the commadmin domain purge command purges contacts service from the directory. You do not have to run a contacts server-specific utility to remove contacts resources, as you do for mail or calendar service.
Note:
This step removes the resource from the application, not from the LDAP directory. For example, msuserpurge removes the user's mailbox from the message storeRemove the entry or service from the LDAP directory.
You use the commadmin domain purge command to perform this task. For details about this command, see "Delegated Administrator Reference".
This procedure permanently removes users, groups, and Calendar resources from a domain. The domain itself remains intact in the LDAP directory. Only the LDAP entries selected for deletion are removed.
Note:
The commadmin domain purge command does not remove the user as a member from any groups of which the user is a member. To completely remove a user s entry from the directory you must enable the Referential Integrity plug-in, see the discussion about maintaining referential integrity in Oracle Fusion Middleware Administration Guide for Oracle Directory Server Enterprise Edition 11.Mark the users, groups, and resources as deleted.
For example, to mark selected entries as deleted in the florizel.com domain:
commadmin user delete chris -d florizel.com -n sesta.com -i deletedusers commadmin group delete -D chris -d florizel.com -n sesta.com -i deletedgroups commadmin resource delete -D chris -d florizel.com -n sesta.com -i deletedresources
In the preceding examples, deletedusers, deletedgroups, and deletedresources are input files listing the entries marked for deletion.
You also can use the Delegated Administrator console to delete entries:
Navigate to the specified organization.
Click the Users tab (if it is not already displayed), select the users to be deleted, and click Delete.
Click the Groups tab, select the groups to be deleted, and click Delete.
Click the Resources tab, select the resources to be deleted, and click Delete.
Remove resources from the selected users, groups, and calendars in the domain.
A resource can be a mailbox or a calendar. (Instant Messaging Server and Contacts Server do not have associated resources that need to be removed.)
For mail services, run the msuserpurge command.
For information about the command see Messaging Server Reference.
For calendar services, run the davadmin command for Calendar Server 7. Run the csclean command for Calendar Server 6.
For information about the davadmin command see Calendar Server System Administrator's Guide. For information about the csclean command see Administration Reference for Calendar Server 6.3.
Permanently remove the selected entries from the domain by invoking the commadmin domain purge command. For details about this command, see "Delegated Administrator Reference".
For example, to remove selected users, groups, and resources from the florizel.com domain:
commadmin domain purge -D chris -d florizel.com -n sesta.com
In the preceding command, the florizel.com domain remains intact. Only the entries specified in the deletedusers, deletedgroups, and deletedresources input files are removed.
This procedure permanently removes mail, calendar, instant messaging (Instant Messaging Server), and contacts services from a domain and from each user, group, and resource in the domain. The domain itself, including its subordinate LDAP entries, remains intact in the directory.
Mark the service(s) in the domain as deleted by running the commadmin domain delete command.
For example, to mark mail, calendar, Instant Messaging Server, and contacts services as deleted in the florizel.com domain:
commadmin domain delete -D chris -d florizel.com -n sesta.com -S mail,cal,im,contacts
Remove resources from all users, groups, and resources in the domain.
A resource can be a mailbox or a calendar. (Instant Messaging Server and Contacts Server do not have associated resources that need to be removed.)
For mail services, run the msuserpurge command.
For information about the command see Messaging Server Reference.
For calendar services, run the davadmin command for Calendar Server 7. Run the csclean command for Calendar Server 6.
For information about the davadmin command see Calendar Server System Administrator's Guide. For information about the csclean command see Calendar Server 6.3 Administration Reference.
Note:
If the mailbox or calendar of any user in the domain is not removed, the service cannot be purged from the domain. For example, for mail service, ensure the grace period has been reached and that the msuserpurge command has been run on all mail message stores encompassed by the domain.Permanently remove the service(s) from the domain by invoking the commadmin domain purge command. For details about this command, see "Delegated Administrator Reference."
For example, to remove mail, calendar, Instant Messaging Server, and contacts services from the florizel.com domain:
commadmin domain purge -D chris -d florizel.com -n sesta.com -S mail,cal,im,contacts
This procedure permanently removes a domain from the directory. All user, group, and resource entries in the domain are also removed from the directory.
Mark the domain as deleted by running the commadmin domain delete command.
For example, to mark the florizel.com domain as deleted:
commadmin domain delete -D chris -d florizel.com -n sesta.com
You also can use the Delegated Administrator console to mark the domain for deletion by selecting the organization on the Organizations page and clicking Delete.
Remove resources from all users, groups, and resources in the domain.
A resource can be a mailbox or a calendar. (Instant Messaging Server and Contacts Server do not have associated resources that need to be removed.)
For mail services, run the msuserpurge command.
For information about the command see Messaging Server Reference.
For calendar services, run the davadmin command for Calendar Server 7. Run the csclean command for Calendar Server 6.
For information about the davadmin command see Calendar Server System Administrator's Guide. For information about the csclean command see Calendar Server 6.3 Administration Reference.
Note:
If the mailbox or calendar of any user in the domain is not removed, the domain cannot be removed. For example, for mail service, ensure the grace period has been reached and that the msuserpurge command has been run on all mail message stores encompassed by the domain.Permanently remove the domain by invoking the commadmin domain purge command. For details about this command, see "Delegated Administrator Reference".
For example, to remove the florizel.com domain
commadmin domain purge -D chris -d florizel.com -n sesta.com