userdel()
NAME
userdel - Deletes a user login account from the system.
SYNOPSIS
SVE:
/usr/sbin/userdel [-r] login
POSIX:
/usr/sbin/userdel [-D] [-r] [-R] [-t type] [-P] [-x extended_option] login
OPTIONS
-D When enhanced security mode is enabled, this option deletes the user
account from the /etc/passwd file and the enhanced security protected
password database.
-r Removes a user's home directory from the system. This directory must
exist and must be owned by the user whose login account is being
deleted.
-R When enhanced security is enabled, retires the account without
deleting entries from the databases or removing home directories.
-t type Removes a local plus (+) or local minus (-) NIS user from the user
database. The value of the type parameter can be + or -.
-P Removes PC accounts only, without deleting the user's existing UNIX
account.
-x extended_option [extended_option]...
Extended_options are of the form attribute=value. You may enter any
number of extended options (within the character limit of the
command line) by separating each option with a space.
Alternatively, they may be entered separately following the -x
switch. Note that some extended options are only available under
specific system environments.
The following sets of extended_option attributes are available:
local=0|1
The value 1 indicates that the account to be deleted is
local. The value 0 indicates that the account is to be
deleted from some other database, either NIS or LDAP.
distributed=0|1
The value 1 indicates that the account to be deleted is an
NIS user account. You must be on the NIS master to delete
an NIS user.
ldap=0|1
The value 1 indicates that the account to be deleted is an
LDAP account. LDAP must be configured, and you must be on
the LDAP server or on an LDAP client with permission to
modify the LDAP database.
The following extended_option attribute is available for PC group
administration if the Advanced Server for UNIX (ASU) is configured and
running:
pc_synchronize=0|1
The value of the pc_synchronize=n attribute can be 0 or 1. If set
to 1, both PC and UNIX accounts will be affected by delete
operations. If set to 0, only UNIX accounts will be affected by
delete operations and the PC account will be unaffected.
DESCRIPTION
The userdel command is part of a set of command line interfaces (CLI) that
are used to create and administer user accounts on the system. When the
Advanced Server for UNIX (ASU) is installed and running, the userdel
command can also be used to administer PC accounts. Accounts can also be
administered with the /usr/bin/X11/dxaccounts graphical user interface
(GUI) or the sysman(8) Accounts menu.
Different options are available depending on how the local system is
configured:
· In the default UNIX environment, user account management is compliant
with the IEEE POSIX Standard P1387.3.
· If enhanced (C2) security is configured, additional options and
extended options can be used.
· The CLI is backwards-compatible, so all existing local scripts will
function. However, you should consider testing your account management
scripts before using them.
The userdel command deletes a user's login account from the system and
makes the login-related changes in the appropriate system files determined
by the current level of security. Additionally, the files and directories
contained under the user's home directory can be removed from the system.
With the -x option, the system administrator can specify extended options,
such as whether the user login account to be deleted is local, resides in
the NIS master database, or resides in the LDAP database. If the -x option is
not specified, the user login account is deleted from the appropriate
database as specified by the system defaults.
The default behavior on the system for the userdel command is as follows:
local=1, distributed=0, and ldap=0. With these values, the system deletes
the user from the local database. Certain combinations of these settings
are incompatible and produce an error: it is invalid to set all of these
values to 0 or set more than one of them to 1.
When NIS or LDAP are available, the user may have secondary group
memberships in more than one type of group. The user is always deleted from
all secondary groups of the same type. If the user is also a member of
groups of another type, the user is removed from those groups as well,
unless there is a user account with the same name in the corresponding
database. For example, an LDAP user may have
been given secondary membership in a local group. When the LDAP user is
deleted, membership in the local group is also removed unless there is a
local user with the same name.
RESTRICTIONS
Note the following restriction that applies to this release:
You must have superuser privilege to execute this command.
EXIT STATUS
The userdel command exits with one of the following values:
0 Success.
1 Failure.
2 Warning.
EXAMPLES
1. The following example removes the local plus (+) user, newuser1:
% userdel -t + newuser1
2. The following example removes the NIS user, newuser4, from the NIS
master database:
% userdel -r xyz
3. The following example deletes the UNIX account for studentB, removing
the home directory and its corresponding PC account.
% userdel -r -x pc_synchronize=1 studentB
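The following is an added example, not part of the original manual page: a dry-run pre-flight that applies two rules stated above (exactly one of local, distributed and ldap may be 1; -r needs a home directory that exists and is owned by the user) before printing a userdel command line. The function names, the PASSWD_FILE variable, the login character set and the symbolic-link refusal are assumptions of this example.

```shell
#!/bin/sh
# Added example: dry-run pre-flight for userdel. It only prints a command line.
PASSWD_FILE=${PASSWD_FILE:-/etc/passwd}   # overridable for testing

# Man page rule: all three 0, or more than one 1, is an error.
valid_db_selection() {   # args: local distributed ldap
    [ $# -eq 3 ] || return 1
    for v in "$@"; do
        case $v in 0|1) ;; *) return 1 ;; esac
    done
    [ $(( $1 + $2 + $3 )) -eq 1 ]
}

# Man page rule for -r: the home directory must exist and be owned by the user.
# Reads the local passwd file only, so it covers local accounts (assumption).
home_removable() {   # arg: login
    entry=$(awk -F: -v u="$1" '$1 == u { print $3 ":" $6; exit }' "$PASSWD_FILE")
    [ -n "$entry" ] || return 1
    uid=${entry%%:*}
    home=${entry#*:}
    # Refusing a symlinked home is an extra precaution, not a man page rule.
    [ -d "$home" ] && [ ! -L "$home" ] || return 1
    owner=$(ls -ldn "$home" | awk '{ print $3 }')
    [ "$owner" = "$uid" ]
}

# Prints the userdel command that would be run; returns 1 if a check fails.
plan_userdel() {   # args: login local distributed ldap remove_home(0|1)
    # Conservative login charset (assumption); a leading "-" would be read as an option.
    case $1 in
        ''|-*|*[!A-Za-z0-9._-]*) echo "rejected login name" >&2; return 1 ;;
    esac
    valid_db_selection "$2" "$3" "$4" || { echo "invalid -x combination" >&2; return 1; }
    cmd=/usr/sbin/userdel
    if [ "$5" = 1 ]; then
        home_removable "$1" || { echo "home directory check failed" >&2; return 1; }
        cmd="$cmd -r"
    fi
    echo "$cmd -x local=$2 distributed=$3 ldap=$4 $1"
}

# Constructed sample call using the documented defaults; prints, never executes.
plan_userdel studentB 1 0 0 0
```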
FILES
The userdel command operates on files for the specific level of system
security.
SEE ALSO
Commands: groupadd(), groupdel(), groupmod(), useradd(), usermod(),
passwd()
Manuals: System Administration, Security, Advanced Server for UNIX
Installation and Administration