userdel, roledel - delete a user or role login account from the system
userdel [-r] [-S repository] [-q qualifier] username
userdel -S ldap [-q qualifier] default@
roledel [-r] [-S repository] [-q qualifier] rolename
The userdel or roledel utility deletes a user (or role) account from the local files or specified name-service repository and optionally removes the account home directory from the file system.
For accounts that are created using –S ldap, the default values for qualified or unqualified user attributes may be deleted using the special value default@ as the login name.
An administrator must be granted the User Management Profile to be able to delete a user.
The following options are supported:
The name of a host or netgroup which qualifies which attributes to delete. The prefix @ is required to indicate that the qualifier is a netgroup name. The –q option is only valid if the user account is maintained in the LDAP name service. Only the attributes associated with the qualifier are deleted. The account and other attributes are not affected unless this option is omitted. In that case, all qualified attributes are also deleted.
Remove the user's home directory from the system. This directory must exist. The files and directories under the home directory will no longer be accessible following successful execution of the command. A ZFS dataset that was created for the user's home directory will be removed. An auto_home entry that was added for the user will be deleted.
The repository specifies which name service will be updated. The valid repositories are files and ldap. The default repository is files. When the repository is ldap, both the LDAP server and client must be configured with enableShadowUpdate. See ldapclient(8) for details.
The following operands are supported:
An existing login name to be deleted.
The following exit values are returned:
Successful completion.
Invalid command syntax. A usage message for the userdel command is displayed.
The account to be removed does not exist.
The account to be removed is in use.
Cannot update the /etc/group or /etc/user_attr file but the login is removed from the /etc/passwd file.
Cannot remove or otherwise modify the home directory.
system password file
system file contain users' encrypted passwords and related information
system file containing group definitions
system file containing additional user attributes
See attributes(7) for descriptions of the following attributes:
|
auths(1), passwd(1), profiles(1), roles(1), passwd(5), prof_attr(5), shadow(5), user_attr(5), attributes(7), rbac(7), groupadd(8), groupdel(8), groupmod(8), logins(8), roleadd(8), rolemod(8), useradd(8), usermod(8)
Managing User Accounts and User Environments in Oracle Solaris 11.4
Working With Oracle Solaris 11.4 Directory and Naming Services: LDAP
These utilities delete an account definition that is in the group, passwd, shadow, and user_attr databases in the files or ldap repository.