NAME

pts_removeuser - Removes a user from a Protection group

SYNOPSIS

pts removeuser -user <user name>+ -group <group name>+ [-cell <cell name>] [-noauth] [-localauth] [-force] [-help] [-auth] [-encrypt [<yes|no>]] [-config <configuration file>]

DESCRIPTION

The pts removeuser command removes each user, machine, network or group named by the -user argument from each group named by the -group argument.

To add users, machines, networks, or groups to a group, use the pts_adduser(1) command. To list group membership, use the pts_membership(1) command. To remove members from a group and delete the group's entry completely in a single step, use the pts_delete(1) command.

CAUTIONS

Each user's or machines' group membership is compiled when he or she authenticates to a File Server. Any users or machines who have valid tokens when they are removed from a group retain the privileges extended to that group's members until their tokens expire or they reauthenticate.

OPTIONS

-user <user name>+

Specifies the name of each user, machine, network or group entry to remove.

-group <group name>+

Names each group from which to remove members.

-auth

Use the calling user's tokens to communicate with the Protection Server. For more details, see pts(1).

-cell <cell name>

Names the cell in which to run the command. For more details, see pts(1).

-config <configuration file>

Sets the location of the configuration file to be used. The default file is /etc/yfs/yfs-client.conf. For more details, see pts(1).

-encrypt [<yes|no>]

Enables or disables encryption for any communication with the Protection Server. For more details, see pts(1).

-force

Enables the command to continue executing as far as possible when errors or other problems occur, rather than halting execution at the first error.

-help

Prints the online help for this command. All other valid options are ignored.

-localauth

Constructs a server ticket using a key from the local /etc/yfs/server/KeyFileExt file. Do not combine this flag with the -cell or -noauth options. For more details, see pts(1).

-noauth

Assigns the unprivileged identity anonymous to the issuer. For more details, see pts(1).

EXAMPLES

The following example removes user smith from the groups staff and staff:finance. Note that no switch names are necessary because only a single instance is provided for the first argument (the username).

   % pts removeuser smith staff staff:finance

The following example removes three network entries from the group bin-prot:

   % pts removeuser -user 10.255.0.0 122.168.105.0 172.16.106.0 -group bin-prot

PRIVILEGE REQUIRED

The required privilege depends on the setting of the (R) privacy flag on the Protection group named by the -group argument (use the pts_examine(1) command to display the flags):

(It is not possible to set the flag to uppercase R.)

SEE ALSO

pts(1), pts_adduser(1), pts_examine(1), pts_membership(1), pts_setaccess(1), pts_setfields(1)

COPYRIGHT

IBM Corporation 2000. http://www.ibm.com/ All Rights Reserved.

This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.

ACKNOWLEDGEMENTS

"AFS" is a registered mark of International Business Machines Corporation, used under license. (USPTO Registration 1598389)

"OpenAFS" is a registered mark of International Business Machines Corporation. (USPTO Registration 4577045)

The "AuriStor" name, log 'S' brand mark, and icon are registered marks of AuriStor, Inc. (USPTO Registrations 4849419, 4849421, and 4928460) (EUIPO Registration 015539653).

"Your File System" is a registered mark of AuriStor, Inc. (USPTO Registrations 4801402 and 4849418).

"YFS" and "AuriStor File System" are trademarks of AuriStor, Inc.