openafs/doc/html/AdminReference/auarf223.htm

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 4//EN">
<HTML><HEAD>
<TITLE>Administration Reference</TITLE>
<!-- Begin Header Records  ========================================== -->
<!-- /tmp/idwt3672/auarf000.scr converted by idb2h R4.2 (359) ID      -->
<!-- Workbench Version (AIX) on 3 Oct 2000 at 16:18:30                -->
<META HTTP-EQUIV="updated" CONTENT="Tue, 03 Oct 2000 16:18:29">
<META HTTP-EQUIV="review" CONTENT="Wed, 03 Oct 2001 16:18:29">
<META HTTP-EQUIV="expires" CONTENT="Thu, 03 Oct 2002 16:18:29">
</HEAD><BODY>
<!-- (C) IBM Corporation 2000. All Rights Reserved    --> 
<BODY bgcolor="ffffff"> 
<!-- End Header Records  ============================================ -->
<A NAME="Top_Of_Page"></A>
<H1>Administration Reference</H1>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf222.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Bot_Of_Page"><IMG SRC="../bot.gif" BORDER="0" ALT="[Bottom of Topic]"></A> <A HREF="auarf224.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<P>
<H2><A NAME="HDRPTS_REMOVEUSER" HREF="auarf002.htm#ToC_237">pts removeuser</A></H2>
<A NAME="IDX5382"></A>
<A NAME="IDX5383"></A>
<A NAME="IDX5384"></A>
<A NAME="IDX5385"></A>
<A NAME="IDX5386"></A>
<A NAME="IDX5387"></A>
<A NAME="IDX5388"></A>
<A NAME="IDX5389"></A>
<P><STRONG>Purpose</STRONG>
<P>Removes a user from a Protection Database group
<P><STRONG>Synopsis</STRONG>
<PRE><B>pts removeuser -user</B> &lt;<VAR>user&nbsp;name</VAR>><SUP>+</SUP>  <B>-group</B> &lt;<VAR>group&nbsp;name</VAR>><SUP>+</SUP>
               [<B>-cell</B> &lt;<VAR>cell&nbsp;name</VAR>>]  [<B>-noauth</B>]  [<B>-force</B>]  [<B>-help</B>]
   
<B>pts rem -u</B> &lt;<VAR>user&nbsp;name</VAR>><SUP>+</SUP>  <B>-g</B> &lt;<VAR>group&nbsp;name</VAR>><SUP>+</SUP>  [<B>-c</B> &lt;<VAR>cell&nbsp;name</VAR>>]  
        [<B>-n</B>]  [<B>-f</B>]  [<B>-h</B>]
</PRE>
<P><STRONG>Description</STRONG>
<P>The <B>pts removeuser</B> command removes each user or machine named by
the <B>-user</B> argument from each group named by the <B>-group</B>
argument.
<P>To add users to a group, use the <B>pts adduser</B> command. To
list group membership, use the <B>pts membership</B> command. To
remove users from a group and delete the group's entry completely in a
single step, use the <B>pts delete</B> command.
<P><STRONG>Cautions</STRONG>
<P>AFS compiles each user's group membership as he or she
authenticates. Any users who have valid tokens when they are removed
from a group retain the privileges extended to that group's members until
they discard their tokens or reauthenticate.
<P><STRONG>Options</STRONG>
<DL>
<P><DT><B>-name
</B><DD>Specifies the name of each user entry or the IP address (complete or
wildcard-style) of each machine entry to remove.
<P><DT><B>-group
</B><DD>Names each group from which to remove members.
<P><DT><B>-cell
</B><DD>Names the cell in which to run the command. For more details, see
the introductory <B>pts</B> reference page.
<P><DT><B>-noauth
</B><DD>Assigns the unprivileged identity <B>anonymous</B> to the
issuer. For more details, see the introductory <B>pts</B> reference
page.
<P><DT><B>-force
</B><DD>Enables the command to continue executing as far as possible when errors
or other problems occur, rather than halting execution at the first
error.
<P><DT><B>-help
</B><DD>Prints the online help for this command. All other valid options
are ignored.
</DL>
<P><STRONG>Examples</STRONG>
<P>The following example removes user <B>smith</B> from the groups
<B>staff</B> and <B>staff:finance</B>. Note that no
switch names are necessary because only a single instance is provided for the
first argument (the username).
<PRE>   % <B>pts removeuser smith staff staff:finance</B>
   
</PRE>
<P>The following example removes three machine entries, which represent all
machines in the ABC Corporation network, from the group
<B>bin-prot</B>:
<PRE>   % <B>pts removeuser -user 138.255.0.0 192.12.105.0 192.12.106.0 -group bin-prot</B>
   
</PRE>
<P><STRONG>Privilege Required</STRONG>
<P>The required privilege depends on the setting of the fifth privacy flag in
the Protection Database for the group named by the <B>-group</B> argument
(use the <B>pts examine</B> command to display the flags):
<UL>
<P><LI>If it is the hyphen, only the group's owner and members of the
<B>system:administrators</B> group can remove members.
<P><LI>If it is lowercase <TT>r</TT>, members of the group can also remove
other members.
</UL>
<P>(It is not possible to set the fifth flag to uppercase
<TT>R</TT>.)
<P><STRONG>Related Information</STRONG>
<P><A HREF="auarf210.htm#HDRPTS_INTRO">pts</A>
<P><A HREF="auarf211.htm#HDRPTS_ADDUSER">pts adduser</A>
<P><A HREF="auarf217.htm#HDRPTS_EXAMINE">pts examine</A>
<P><A HREF="auarf222.htm#HDRPTS_MEMBERSHIP">pts membership</A>
<P><A HREF="auarf225.htm#HDRPTS_SETFIELDS">pts setfields</A>
<P>
<HR><P ALIGN="center"> <A HREF="../index.htm"><IMG SRC="../books.gif" BORDER="0" ALT="[Return to Library]"></A> <A HREF="auarf002.htm#ToC"><IMG SRC="../toc.gif" BORDER="0" ALT="[Contents]"></A> <A HREF="auarf222.htm"><IMG SRC="../prev.gif" BORDER="0" ALT="[Previous Topic]"></A> <A HREF="#Top_Of_Page"><IMG SRC="../top.gif" BORDER="0" ALT="[Top of Topic]"></A> <A HREF="auarf224.htm"><IMG SRC="../next.gif" BORDER="0" ALT="[Next Topic]"></A> <A HREF="auarf284.htm#HDRINDEX"><IMG SRC="../index.gif" BORDER="0" ALT="[Index]"></A> <P> 
<!-- Begin Footer Records  ========================================== -->
<P><HR><B> 
<br>&#169; <A HREF="http://www.ibm.com/">IBM Corporation 2000.</A>  All Rights Reserved 
</B> 
<!-- End Footer Records  ============================================ -->
<A NAME="Bot_Of_Page"></A>
</BODY></HTML>