Deleting a User from the Command Line
In some circumstances, a user object cannot be deleted because internal objects that reference it cannot be deleted. It can happen when there are internal references to a user object even though the user is no longer the owner of any assets. There can also be references to the user object in the audit log. In such circumstances, a user object can only be deleted by using a Java command line tool CentraSiteDeleteUser provided specifically for this purpose.
Important: | This tool is for use by administrators only, and should be used if the standard deleting procedure is not successful. In particular, the tool does not activate any policies that you might have defined. |
This command line tool deletes a user, after transferring ownership of all of the user's objects to another user (the "target" user). It also redirects to the target user all associations that referred to the user to be deleted. Any ACLs granting rights for the user to be deleted will be modified to grant those rights to the target user. If the user to be deleted was the primary contact of an organization, the target user will be assigned that role.
To make the ownership transfer visible in the audit logs, an OWNERSHIPTRANSFERRED event is created for every registry object that references the user object. The description of the auditable event includes the original owner and states that a delete user operation has been executed.
The tool's combined operation performs the following steps:
Transfer ownership of objects to the target user
Redirect internal references to the target user
Transfer access rights to the target user
Transfer group memberships to the target user
Remove the GUI configuration
Remove the user object
The tool consists of an executable jar file in the bin folder of the CentraSite installation. It requires a Java 6 (or above) runtime and needs to be called in the following way:
java -jar CentraSiteDeleteUser <CentraSite DB URL> <administrator user id>
<password> <id or key of user to be deleted> <id of target user>
Examples:
java -jar CentraSiteDeleteUser http://localhost:53307/CentraSite/CentraSite
DOMAIN\admin pAsSw0rD DOMAIN\oldUser DOMAIN\newUser
java -jar CentraSiteDeleteUser http://localhost:53307/CentraSite/CentraSite
DOMAIN\admin pAsSw0rD uddi:1e5aff10-f3e3-11df-86fc-a6e2fa0ea483 DOMAIN\newUser
Please note that the target user must be active before using this tool. The user to be deleted must be deactivated.
Restrictions
The operation to delete a user requires several steps that cannot run within a single transaction. This means every parallel running transaction will be able to see intermediate results. Therefore please ensure that no other activity is in progress while you run the tool. Moreover if there is a failure of any of the steps during the execution, the registry will have an intermediate state. The original state cannot be recovered by rolling back the complete operation.