NAME

uss delete - Deletes a user account

SYNOPSIS

uss delete -user <login name> [-mountpoint <mountpoint for user's volume>] [-savevolume] [-verbose] [-cell <cell name>] [-admin <administrator to authenticate>] [-dryrun] [-skipauth] [-help]

uss d -u <login name> [-m <mountpoint for user's volume>] [-sa] [-v] [-c <cell name>] [-a <administrator to authenticate>] [-d] [-sk] [-h]

DESCRIPTION

The uss delete command removes the Authentication Database and Protection Database entries for the user named by -user argument. In addition, it can remove the user's home volume and associated VLDB entry, a mount point for the volume or both, depending on whether the -mountpoint and -savevolume options are provided.

OPTIONS

-user <login name>

Names the entry to delete from the Protection and Authentication Databases.

-mountpoint <mountpoint for the user's volume>

Specifies the pathname to the user's home directory, which is deleted from the filespace. By default, the volume referenced by the mount point is also removed from the file server machine that houses it, along with its Volume Location Database (VLDB) entry. To retain the volume and VLDB entry, include the -savevolume flag. Partial pathnames are interpreted relative to the current working directory.

Specify the read/write path to the mount point, to avoid the failure that results from attempting to remove a mount point from a read-only volume. By convention, the read/write path is indicated by placing a period before the cell name at the pathname's second level (for example, /afs/.abc.com). For further discussion of the concept of read/write and read-only paths through the filespace, see the fs mkmount reference page.

-savevolume

Preserves the user's volume and VLDB entry.

-verbose

Produces on the standard output stream a detailed trace of the command's execution. If this argument is omitted, only warnings and error messages appear.

-cell <cell name>

Specifies the cell in which to run the command. For more details, see uss(8).

-admin <administrator to authenticate>

Specifies the AFS user name under which to establish authenticated connections to the AFS server processes that maintain the various components of a user account. For more details, see uss(8).

-dryrun

Reports actions that the command interpreter needs to perform while executing the command, without actually performing them. For more details, see uss(8).

-skipauth

Prevents authentication with the AFS Authentication Server, allowing a site using Kerberos to substitute that form of authentication.

-help

Prints the online help for this command. All other valid options are ignored.

EXAMPLES

The following command removes smith's user account from the abc.com cell. The -savevolume argument retains the user.smith volume on its file server machine.

   % uss delete smith -mountpoint /afs/abc.com/usr/smith -savevolume

PRIVILEGE REQUIRED

The issuer (or the user named by -admin argument) must belong to the system:administrators group in the Protection Database, must have the ADMIN flag turned on in his or her Authentication Database entry, and must have at least a (administer) and d (delete) permissions on the access control list (ACL) of the mount point's parent directory. If the -savevolume flag is not included, the issuer must also be listed in the /usr/afs/etc/UserList file.

SEE ALSO

UserList(5), fs_mkmount(1), uss(8)

COPYRIGHT

IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.