#Delete User

#Problem Description

Issue: When creating or synchronizing a new user, the system indicates that the user already exists. How should you handle this?

For security reasons, the platform prevents creating new users (both local and IDP users) with names that match previously deleted users. This limitation applies to:

• Creating new local users with names matching deleted users
• Synchronizing IDP users with names matching deleted users

After upgrading to the current version, you may encounter this issue when:

• Creating new users with names that match users deleted before the upgrade
• Synchronizing new users with names that match users deleted before the upgrade

#Solution

To resolve this issue, you need to clean up the deleted user information by executing specific scripts on your global cluster control nodes.

#Clean up deleted IDP users

Execute the following command on any control node of your global cluster:

kubectl delete users -l 'auth.cpaas.io/user.connector_id=<IDP Name>,auth.cpaas.io/user.state=deleted'

Example:

kubectl delete users -l 'auth.cpaas.io/user.connector_id=github,auth.cpaas.io/user.state=deleted'

#Clean up deleted local users

Execute these two scripts in sequence on any control node of your global cluster:

1. Clean up user passwords:

kubectl get users -l 'auth.cpaas.io/user.connector_id=local,auth.cpaas.io/user.state=deleted' | awk '{print $1}' | xargs kubectl delete password -n cpaas-system

2. Clean up users:

kubectl delete users -l 'auth.cpaas.io/user.connector_id=local,auth.cpaas.io/user.state=deleted'