pts_removeuser - Removes a user from a Protection group
pts removeuser -user <user name>+ -group <group name>+ [-cell <cell name>] [-noauth] [-localauth] [-force] [-help] [-auth] [-encrypt [<yes|no>]] [-config <configuration file>]
The pts removeuser command removes each user, machine, network or group named by the -user argument from each group named by the -group argument.
To add users, machines, networks, or groups to a group, use the pts_adduser(1) command. To list group membership, use the pts_membership(1) command. To remove members from a group and delete the group's entry completely in a single step, use the pts_delete(1) command.
Each user's or machines' group membership is compiled when he or she authenticates to a File Server. Any users or machines who have valid tokens when they are removed from a group retain the privileges extended to that group's members until their tokens expire or they reauthenticate.
Specifies the name of each user, machine, network or group entry to remove.
Names each group from which to remove members.
Use the calling user's tokens to communicate with the Protection Server. For more details, see pts(1).
Names the cell in which to run the command. For more details, see pts(1).
Sets the location of the configuration file to be used. The default file is /etc/yfs/yfs-client.conf. For more details, see pts(1).
Enables or disables encryption for any communication with the Protection Server. For more details, see pts(1).
Enables the command to continue executing as far as possible when errors or other problems occur, rather than halting execution at the first error.
Prints the online help for this command. All other valid options are ignored.
Constructs a server ticket using a key from the local /etc/yfs/server/KeyFileExt file. Do not combine this flag with the -cell or -noauth options. For more details, see pts(1).
Assigns the unprivileged identity anonymous to the issuer. For more details, see pts(1).
The following example removes user smith from the groups staff and staff:finance.
Note that no switch names are necessary because only a single instance is provided for the first argument (the username).
% pts removeuser smith staff staff:finance
The following example removes three network entries from the group bin-prot:
% pts removeuser -user 10.255.0.0 122.168.105.0 172.16.106.0 -group bin-prot
The required privilege depends on the setting of the (R) privacy flag on the Protection group named by the -group argument (use the pts_examine(1) command to display the flags):
If it is the hyphen -, only the group's owner and members of the system:administrators group can remove members.
If it is lowercase r, members of the group can also remove other members.
(It is not possible to set the flag to uppercase R.)
pts(1), pts_adduser(1), pts_examine(1), pts_membership(1), pts_setaccess(1), pts_setfields(1)
IBM Corporation 2000. http://www.ibm.com/ All Rights Reserved.
This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell.
"AFS" is a registered mark of International Business Machines Corporation, used under license. (USPTO Registration 1598389)
"OpenAFS" is a registered mark of International Business Machines Corporation. (USPTO Registration 4577045)
The "AuriStor" name, log 'S' brand mark, and icon are registered marks of AuriStor, Inc. (USPTO Registrations 4849419, 4849421, and 4928460) (EUIPO Registration 015539653).
"Your File System" is a registered mark of AuriStor, Inc. (USPTO Registrations 4801402 and 4849418).
"YFS" and "AuriStor File System" are trademarks of AuriStor, Inc.