Deleting domains

Keystone domains can be deleted if there are no users associated with them. If there are any users associated with the domain when trying to delete it, an error will be shown. In this example, we will show how to delete a domain that is no longer being used, called olddomain.

Getting ready

Ensure that you are logged on to a correctly configured OpenStack client and can access the OpenStack environment as a user with admin privileges.

Refer to Chapter 2, The OpenStack Client, for details of setting up your environment to use OpenStack command-line client.

How to do it…

In order to delete a domain, execute the following commands:

  1. Get the domain's name from a current domain list:
    How to do it…
  2. Verify that there are no users associated with the olddomain domain that we will be deleting:
    openstack user list --domain olddomain

    This list should be empty before proceeding. If it is not, delete all the users before proceeding to the next step.

  3. Disable the domain:
    openstack domain set --disable  olddomain

    This command will have no output.

  4. Delete domain:
    openstack domain delete olddomain

    If successful, this command will have no output.

How it works…

Deleting unnecessary domains requires that domains have no users associated with them.

Verify that there are no users attached to this domain:

openstack user list --domain <domain>

Deleting a domain requires that it first be disabled. A domain can be disabled even if there are users attached to it:

openstack domain set --disable  <domain>

Only after a domain is disabled and no longer has any users associated with it, will you be able to delete a domain:

openstack domain delete <domain>

If you need to delete users, refer to the Deleting users recipe, earlier in this chapter.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.223.159.235