Uploaded image for project: 'OpenShift Request For Enhancement'
  1. OpenShift Request For Enhancement
  2. RFE-4120

RFE - prune user and identities objects if don't exist in the identity provider

XMLWordPrintable

    • Icon: Feature Request Feature Request
    • Resolution: Done
    • Icon: Undefined Undefined
    • None
    • openshift-4.10, openshift-4.11, openshift-4.12, openshift-4.13
    • Auth, oauth-server
    • None
    • False
    • None
    • False
    • Not Selected
    • 0
    • 0% 0%

      Proposed title of this feature request

      Requirement is to prune OCP users and identities objects if they are not found in the upstream identity provider periodically.

      In the documentation[1], we provided the features to prune groups through oc command but we don't have anything for users and identities.  

      $ oc adm prune groups --sync-config=/path/to/ldap-sync-config.yaml --confirm

       

      Why does the customer need this?

      As stated, we have several OCP clusters and need to clear up hundreds of old records across the clusters. 

       

      [1]https://docs.openshift.com/container-platform/4.9/authentication/ldap-syncing.html

       

            atelang@redhat.com Anjali Telang
            rhn-support-rsahoo Ramesh Sahoo
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Created:
              Updated:
              Resolved: