userdel()
NAME
userdel - Deletes a user login account from the system.
SYNOPSIS
SVE:
/usr/sbin/userdel [-r] login
POSIX:
/usr/sbin/userdel [-D] [-r] [-R] [-t type] [-P] [-x extended_option]
login
OPTIONS
-D  When enhanced security mode is enabled, this option deletes the user
account from the /etc/passwd file and the enhanced security protected
password database.
-r  Removes a user's home directory from the system. This directory must
exist and must be owned by the user whose login account is being deleted.
-R  When enhanced security is enabled, retires the account without
deleting entries from the databases or removing home directories.
-t type  Removes a local plus (+) or local minus (-) NIS user from the
user database. The value of the type parameter can be + or -.
-P  Removes PC accounts only, without deleting the user's existing UNIX
account.
-x extended_option  Extended_options are of the form attribute=value. You
may enter any number of extended options (within the character limit of
the command line) by separating each option with a space. Alternatively,
they may be entered separately, each following its own -x switch. Note
that some extended options are only available under specific system
environments.
The following sets of extended_option attributes are available:
local=n  The value 1 indicates that the account to be deleted is local.
The value 0 indicates that the account is to be deleted from some other
database, either NIS or LDAP.
distributed=n  The value 1 indicates that the account to be deleted is an
NIS user account. You must be on the NIS master to delete an NIS user.
ldap=n  The value 1 indicates that the account to be deleted is an LDAP
account. LDAP must be configured, and you must be on the LDAP server or
on an LDAP client with permission to modify the LDAP database.
The following extended_option attribute is available for PC group
administration if the Advanced Server for UNIX (ASU) is configured and
running:
pc_synchronize=n  The value of the pc_synchronize=n attribute can be 0 or
1. If set to 1, both PC and UNIX accounts will be affected by delete
operations. If set to 0, only UNIX accounts will be affected by delete
operations and the PC account will be unaffected.
DESCRIPTION
The userdel command is part of a set of command line interfaces (CLI)
that are used to create and administer user accounts on the system.
When the Advanced Server for UNIX (ASU) is installed and running, the
userdel command can also be used to administer PC accounts. Accounts
can also be administered with the /usr/bin/X11/dxaccounts graphical
user interface (GUI) or the sysman(8) Accounts menu.
Different options are available depending on how the local system is
configured:
In the default UNIX environment, user account management is compliant
with the IEEE POSIX Standard P1387.3.
If enhanced (C2) security is configured, additional options and extended
options can be used.
The CLI is backwards-compatible, so all existing local scripts will
function. However, you should consider testing your account management
scripts before using them.
The userdel command deletes a user's login account from the system and
makes the login-related changes in the appropriate system files
determined by the current level of security. Additionally, the files and
directories contained under the user's home directory can be removed
from the system.
With the -x option, the system administrator can specify extended
options, such as whether the user login account to be deleted is local,
resides in the NIS master database, or resides in the LDAP database. If
the -x option is not specified, the user login account is deleted from
the appropriate database as specified by the system defaults.
The default behavior on the system for the userdel command is as
follows: local=1, distributed=0, and ldap=0. With these values, the
system deletes the user from the local database. Certain combinations of
these settings are incompatible and produce an error: it is invalid to
set all of these values to 0 or to set more than one of them to 1.
When NIS or LDAP is available, the user may have secondary group
memberships in more than one type of group. The user is always deleted
from all secondary groups of the same type. If the user is a member of
groups of another type, the user is also removed from those groups unless
there is a user account with the same name in the corresponding database.
For example, an LDAP user may have been given secondary membership in a
local group. When the LDAP user is deleted, membership in the local group
is also removed unless there is a local user with the same name.
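The cross-database rule above decides which group memberships survive a deletion, so it is worth checking before an account is removed. The following sketch is an added example, not part of the original manual page and not vendor code: it does not call userdel, models only the local and LDAP databases, and uses constructed sample data and hypothetical function names.

```shell
#!/bin/sh
# Constructed sample data in passwd/group file format (not real accounts).
LOCAL_PASSWD='studentB:*:201:15::/usr/users/studentB:/bin/sh'
LOCAL_GROUP='users:*:15:studentB,newuser4
operator:*:5:newuser4'
LDAP_PASSWD='newuser4:*:301:15::/usr/users/newuser4:/bin/sh
studentB:*:302:15::/usr/users/studentB:/bin/sh'
LDAP_GROUP='ldapstaff:*:500:newuser4,studentB'

# Print the passwd or group data held by a database (local or ldap).
db_data() {
    case "$1:$2" in
        passwd:local) printf '%s\n' "$LOCAL_PASSWD" ;;
        group:local)  printf '%s\n' "$LOCAL_GROUP" ;;
        passwd:ldap)  printf '%s\n' "$LDAP_PASSWD" ;;
        group:ldap)   printf '%s\n' "$LDAP_GROUP" ;;
    esac
}

# Succeeds if the database holds an account with this login name.
has_user() {
    db_data passwd "$1" | awk -F: -v u="$2" '$1 == u { f = 1 } END { exit !f }'
}

# Names of groups in a database that list the login as a secondary member.
groups_of() {
    db_data group "$1" | awk -F: -v u="$2" '{
        n = split($4, m, ",")
        for (i = 1; i <= n; i++) if (m[i] == u) print $1
    }'
}

# Report, per group, what deleting <login> from database <db> does to its
# secondary memberships, following the rule in the DESCRIPTION above.
predict_removals() {
    db=$1 login=$2
    for other in local ldap; do
        for g in $(groups_of "$other" "$login"); do
            if [ "$other" = "$db" ] || ! has_user "$other" "$login"; then
                echo "$other:$g removed"
            else
                echo "$other:$g kept (same-named $other account exists)"
            fi
        done
    done
}

predict_removals ldap newuser4
predict_removals ldap studentB
```

A "kept" line marks a membership that stays attached to the login name after the deletion because another database still has an account with that name, so it should be reviewed as part of deprovisioning.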
RESTRICTIONS
Note the following restriction that applies to this release:
You must have superuser privilege to execute this command.
EXIT STATUS
The userdel command exits with one of the following values: Success.
Failure. Warning.
EXAMPLES
The following example removes the local plus (+) user, newuser1:
% userdel -t + newuser1
The following example removes the NIS user, newuser4, from the NIS
master database:
% userdel -r xyz
The following example deletes the UNIX account for studentB, removing
the home directory and its corresponding PC account.
% userdel -r -x pc_synchronize=1 studentB
FILES
The userdel command operates on files for the specific level of system
security.
SEE ALSO
Commands: groupadd(), groupdel(), groupmod(), useradd(), usermod(),
passwd()
Manuals: System Administration, Security, Advanced Server for UNIX
Installation and Administration