Red Hat SummitChapter 13. Removing the trust using the IdM Web UI
You can remove the Identity Management (IdM)/Active Directory (AD) trust using the IdM Web UI.
Prerequisites
- You have obtained a Kerberos ticket. For details, see Logging in to IdM in the Web UI: Using a Kerberos ticket.
Procedure
- Log in to the IdM Web UI with administrator privileges. For details, see Accessing the IdM Web UI in a web browser.
- In the IdM Web UI, click the IPA Server tab.
- In the IPA Server tab, click the Trusts tab.
Select the trust you want to remove.
- Click the Delete button.
In the Remove trusts dialog box, click Delete.
- Remove the trust object from your Active Directory configuration.
Removing the trust configuration does not automatically remove the ID range IdM has created for AD users. This way, if you add the trust again, the existing ID range is re-used. Also, if AD users have created files on an IdM client, their POSIX IDs are preserved in the file metadata.
To remove all information related to an AD trust, remove the AD user ID range in the ID Ranges tab after removing the trust configuration and trust object.
Verification
If the trust has been successfully deleted, the Web UI displays a green pop-up with the text:
