2.5.31 Delete operational user

Function

This service template deletes OS users and JP1 users, and performs peripheral settings.

It is used to facilitate tasks that are performed when administrative users are deleted, such as when servers are removed from a job execution environment.

It is enabled in the following systems:

• Systems in which jobs are executed by an agent server in a job execution environment that uses JP1/AJS3.

• Systems in which automated actions are performed and commands are executed on an agent server in a monitoring environment that uses JP1/IM.

This service template assumes that the following servers are being used.

• JP1 authentication server

Servers running a JP1/Base authentication server. These manage JP1 user information.

• Agent server

Servers on which JP1/Base is installed, and that execute jobs and perform automated actions.

The following tasks are performed:

(1) JP1 users and operating permissions are deleted (JP1 authentication server)

(2) User mapping information is deleted (agent server)

(3) Password management information registered in JP1/Base is deleted (agent server)

(4) OS users are deleted (agent server)

However, the above tasks are only executed for JP1 users for whom a permission level is appended.

If any of the JP1/AO server, the JP1 authentication server and the agent server is Windows, the execution of this services template requires the built-in Administrator. If the built-in Administrator does not exist or is invalid on each server, execute the "Delete operational user(SYSTEM)" service template that executes with the system account.

Prerequisites

For the latest support information about [Required product in the System]/[Prerequisite products in the system executing the service template]/[Prerequisite product OS running in the system executing the service template], see the release notes.

[Required product in the System]

JP1/Automatic Operation 12-00 or later

[Prerequisite products in the system executing the service template]

(1) The following version of JP1/Base is running on the JP1 authentication server and the agent server:

Job Management Partner 1/Base 09-00 or later, or

JP1/Base 11-00 or later

[Prerequisite product OS running in the system executing the service template]

(1) Windows Server 2008 R2 Standard/Enterprise/Datacenter

(2) Windows Server 2012 Standard/Datacenter, Windows Server 2012 R2 Standard/Datacenter

(3) Windows Server 2016 Standard/Datacenter

(4) Windows Server 2019 Standard/Datacenter

(5) Red Hat Enterprise Linux Server 6 (32-bit x86), Red Hat Enterprise Linux Server 6 (64-bit x86_64)

(6) Red Hat Enterprise Linux Server 7 (64-bit x86_64)

(7) Red Hat Enterprise Linux Server 8 (64-bit x86_64)

(8) AIX V6

(9) AIX V7

[Usage conditions of prerequisite products in the system executing the service template]

(1) The authentication server of the connection destination is set in JP1/Base on the agent server.

(2) OS users and JP1 users must be assigned a one-to-one correspondence.

(3) This service deletes the following information:

• Specified OS users

• (Windows environments only) Password management information of specified OS users

• Permissions of specified JP1 users

• Mapping information for specified JP1 users and specified server hosts

• Specified JP1 users

Manually delete definition information other than this.

(4) If JP1/Base on the agent server has a cluster configuration, the service can only be executed in the active server environment. In the standby server environment, manually delete OS users, password management information, and mapping definitions. If a JP1 authentication server has a cluster configuration, settings made in the active system are reflected in the standby system.

Cautions

(1) If the agent server is a UNIX server, this service also deletes the user's home directory. If necessary, save data stored in the home directory.

(2) To work with OS users of the domain environment, set domain in property OS.userType.

(3) When executing this service for a UNIX environment, do not use multibyte characters in properties.

(4) If specifying multibyte characters and when the agent server OS is Windows, specify an OS user name that is no longer than 20 bytes.

Version

03.00.00

Tags

Configure JP1,Base

Property list

The following shows the list of the property groups set in the property:

Property group	Description	Initial display
System environment information	Specify the environment information of the agent server.	Y
OS user information	Specify the OS user information to be deleted.	Y
JP1 authentication server information	Specify the JP1 authentication server information on the JP1 user to be deleted.	Y
JP1 user information	Specify the JP1 user information to be deleted.	Y

The following shows the list of the properties to be displayed in the "Service Definition" window:

(Legend)

R: The property must be specified.

O: The property can be omitted. However, the property might be mandatory depending on what is specified for other properties. See the Description of each property.

Property key	Property name	Description	I/O type	Shared	Required	Property group
jp1base.certHost	Host name of the JP1 authentication server	Specify the host name of the JP1 authentication server. Specify the physical host name of primary server or the logical host name of JP1/Base (when using JP1/Base in a cluster configuration).	Input	Disabled	R	JP1 authentication server information
jp1base.certHostLHostName	Logical host name of JP1 authentication server	Specify the logical host name of the JP1 authentication server (when the JP1 authentication server is in a cluster configuration).	Input	Disabled	O	JP1 authentication server information

The following shows the list of the properties to be displayed on the "Service Definition" window and the "Submit Service" window:

Property key	Property name	Description	I/O type	Shared	Required	Property group
common.targetHost	Agent server host name	Specify the host name or IP address of the agent server. You cannot specify an IPv6 address. Specify the physical host name of primary server or the logical host name of business server (when using business server in a cluster configuration).	Input	Disabled	R	System environment information
jp1base.jp1BaseLHostName	Logical host name of JP1/Base	Specify the logical host name of JP1/Base on the agent server (if JP1/Base is used in a cluster configuration).	Input	Disabled	O	System environment information
OS.osUserName	OS user name	Specifies the OS user name to be deleted from the agent server.	Input	Disabled	R	OS user information
OS.userType	OS user type	Specify "local" or "domain" as the OS user type. This property only takes effect when the agent server is running Windows.	Input	Disabled	O	OS user information
OS.homeDirectoryDelete	Whether to delete user's home directory	Specify whether to delete the user's home directory, after deleting the OS user. Specifying "yes" deletes it, and specifying "no" does not. This property only takes effect when the agent server is running UNIX.	Input	Disabled	O	OS user information
jp1base.jp1UserName	JP1 user name	Specifies the JP1 user name to be deleted from the JP1 authentication server.	Input	Disabled	R	JP1 user information

The following shows the restrictions on inputs to the properties displayed in the "Service Definition" window:

Property key	Characters that can be input
jp1base.certHost	A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -.
jp1base.certHostLHostName	A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -.

The following shows the restrictions on inputs to the property displayed on the "Service Definition" window and the "Submit Service" window:

Property key	Characters that can be input
common.targetHost	A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -.
jp1base.jp1BaseLHostName	A maximum of 255 characters can be entered. Characters that can be used include alphanumeric characters, as well as . and -.
OS.osUserName	A character string of no more than 20 characters can be entered. It cannot include <, >, \|, ;, &, `, or a trailing \. In case of executing this service to UNIX, it cannot include multibyte character.
OS.userType	Select one of the following values: local,domain
OS.homeDirectoryDelete	Select one of the following values: yes,no
jp1base.jp1UserName	A maximum of 31 characters can be entered. Characters that can be used include alphanumeric characters, as well as !, #, $, %, ', -, @, _, ~.

Flow specification details

The following table shows the detailed specification of the flow:

Hierarchy	Display name	Plug-in
Hierarchy	Display name	Plug-in name	Description	Error recovery method
1	jpbaseDeleteJp1user	Flow Plug-in	Deletes information associated with a JP1 user.	--
1-1		Delete JP1 user permissions	Deletes JP1/Base operating permission on a JP1 authentication server.	Eliminate the cause of the error, and then re-execute the service.
1-2		Delete JP1 user	Deletes a JP1 user from a JP1 authentication server.	Eliminate the cause of the error, and then re-execute the service.
1-3		Delete JP1/Base user mapping	Deletes JP1 user and OS user mapping on an agent server.	Eliminate the cause of the error, and then re-execute the service.
1-4		Output OS type	Determines the OS.	Eliminate the cause of the error, and then re-execute the service.
1-7		Compatible Plug-in	Determines whether or not the OS is Windows.	Eliminate the cause of the error, and then re-execute the service.
1-8		Delete OS user information	Deletes OS user passwords from JP1/Base.	Eliminate the cause of the error, and then re-execute the service.
2	osDeleteUser	Flow Plug-in	Deletes an OS user.	--
2-1	osDeleteUser	Delete OS user	Deletes users from agent servers (or agent server domains).	Eliminate the cause of the error, and then manually delete the OS users using the net user delete command (Windows) or the userdel command (UNIX).

To Page Top