
User Management
|
189
Removing a User
Employee turnover in many organizations runs high. So, unless you run a small shop
with a stable user base, you need to learn how to clean up after an employee leaves.
Too many so-called system administrators do not understand the stakes involved
when they manage users. Disgruntled former employees can often cause significant
trouble for a company by gaining access to the network.
Removing a user isn’t a one-step process—you need to manage all of the user’s files,
mailboxes, mail aliases, print jobs, recurring (automatic) personal processes (such as
the backing up of data or remote syncing of directories), and other references to the
user. It is a good idea to first disable the user’s account in /etc/passwd; after that, you
can search for the user’s files and other references. Once all traces of the user have been
cleaned up, you can remove the user completely (if you remove the entry from /etc/
passwd while these other references exist, you have a harder time specifying them).
When you remove a user, it’s a good idea to follow a predetermined course of action
so you don’t forget any important steps; you may even want to make a checklist so
that you have a routine laid out.
The first task is to disable the user’s password, effectively locking him out. You can
do this with a command like the following:
# passwd -l tadelste
Sometimes it’s necessary to temporarily ...