Deregistering users and groups

IBM® WebSphere® Portal stores users and groups that exist in the user registry as entries in the database. When using the XML configuration interface or the Manage User and Groups portlet to delete users and groups, they are deleted from the user registry as well as from the database. Deleting a user or group directly from the configured user registry does not remove the database entry. Also, WebSphere Portal does not remove entries from its database when users or groups are muted in the user registry, for example, users with too many wrong password attempts. You can manually remove the users and groups from the database.

About this task

Example cases for removing users or groups are:
  • Portal users or groups have been removed from the user registry, but not from the portal database.
  • User IDs have been deactivated, for example after too many wrong password attempts.
Note: After deleting these entries via the modified XML script, all customization is lost for the deleted users and groups.
To remove users and groups from your portal, proceed as follows:

Procedure

  1. Make a backup copy of your portal database.
  2. Export the affected user and group database entries by using the XML configuration interface and referencing the CleanupUsers.xml file as the input; see Sample XML configuration files for information including the location of the input file.
  3. Check the exported XML file and compare the exported entries with the user registry; for example, determine which users and groups you want to delete permanently, and which of the muted users and groups you want to re-enable.
    Note: If the number of invalid users is very high, the XML export step can fail with an out-of-memory exception. For such cases, APAR PI23109 introduces a new XML element threshold. In case of such out-of-memory exceptions, add threshold="10000" to the <request ... > element in the CleanupUsers.xml script. This option limits the number of exported users to 10,000. When you use this approach, repeat the export step and all following steps until the exported file contains no entries any more. You need to have APAR PI23109 or fix pack CF14 installed to use this XML element.
  4. From the exported XML file remove the users and groups that you want to keep in the database. All users and groups that remain in the file will be removed from the database.
  5. Import the modified XML file with the XML configuration interface. The users and groups that are listed in the XML file are removed from the database.

Results

Your portal is now clean of users that you do not want to use any more.