On 11/26/21 00:13, Matthew Miller wrote: > On Thu, Nov 25, 2021 at 06:36:36PM +0100, Thomas Mueller wrote: >>> I have a computer with a local user X that shadows an LDAP user of the >>> same name (and group). >>> >>> I know I can use: >>> userdel X >>> groupdel X >> check luserdel and lgroupdel . The prefix l is for local. :-) > Oh, except... it's not. The l is for "libuser" — those tools are samples for > the libuser package, https://pagure.io/libuser. And libuser absolutely can > affect LDAP, depending on the system configuration. > at least it seems that save, that ansible * https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/user.py#L625 * https://github.com/ansible/ansible/blob/devel/lib/ansible/modules/user.py#L640-L643 and puppet * https://github.com/puppetlabs/puppet/blob/main/lib/puppet/provider/user/useradd.rb#L12 are using it, when you specify "local=yes" or "forcelocal=true". - Thomas