
User handling in OpenShift can be done in different ways. I use the LDAP identity provider here as an example.

The official documentation describes the different back ends that are available to authenticate users.

OpenShift Container Platform - Authentication
OpenShift Origin - Authentication

When a user logs in to OpenShift for the first time, the user is created in the OpenShift users table AND in the identity table.
For example, user tom001 logs in to OpenShift.

oc login https://YOUR-LOGIN-URL --username=tom001

You will see the user in the user table

oc get user tom001
NAME     UID FULL NAME IDENTITIES
tom001   ID  tom001    LDAP:tom001

and in the identity table.

oc get identity LDAP:tom001
NAME        IDP NAME   IDP USER NAME USER NAME USER UID
LDAP:Tom001 LDAP       tom001        tom001    ID

When you now delete the user from the user table, the user will still not be able to log in to OpenShift.

oc delete user tom001

When you request the user again, you should get the output below.

oc get user tom001
Error from server: users "tom001" not found

The user still exists in the identity table.
You also need to delete the user's entry in the identity table.

oc delete identity LDAP:tom001

The user will then be added to the user table again and can therefore log in to OpenShift again.
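
The situation described above (user deleted, identity left behind) can be checked for across the whole cluster. The script below is an added example, not part of the original post: it compares a user list with an identity list and prints the `oc delete identity` commands for identities whose user no longer exists. The function names, the custom-columns layout in the comments and the sample users alice01 and bob02 are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post): list identities left behind
# after `oc delete user`, i.e. identities whose mapped user no longer exists.
#
# Assumed live inputs (the custom-columns layout is this example's choice):
#   oc get users --no-headers -o custom-columns=NAME:.metadata.name
#   oc get identities --no-headers \
#       -o custom-columns=NAME:.metadata.name,USER:.user.name

# $1: file with one user name per line
# $2: file with "<identity-name> <mapped-user-name>" per line
orphaned_identities() {
    # FILENAME == ARGV[1] (instead of NR == FNR) stays correct when the
    # user list is empty. An identity with no mapping ("<none>") is also
    # reported, because "<none>" is not an existing user.
    awk 'FILENAME == ARGV[1] { if ($1 != "") users[$1] = 1; next }
         NF >= 2 && !($2 in users) { print $1 }' "$1" "$2"
}

# Print (do not run) the delete command for every orphaned identity.
cleanup_commands() {
    orphaned_identities "$1" "$2" | while IFS= read -r id; do
        printf "oc delete identity '%s'\n" "$id"
    done
}

# Constructed sample data: tom001 was removed from the user table only.
tmp=$(mktemp -d)
trap 'rm -rf "$tmp"' EXIT
cat > "$tmp/users" <<'EOF'
alice01
bob02
EOF
cat > "$tmp/identities" <<'EOF'
LDAP:alice01 alice01
LDAP:bob02 bob02
LDAP:tom001 tom001
EOF

cleanup_commands "$tmp/users" "$tmp/identities"
```

The script only prints the commands, so the list can be reviewed before any identity is removed.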

You can contact me for any further questions and orders.