Azure Red Hat OpenShift — Deleting a user in a proper way
Ever deleted a user from OpenShift, only to find that the user can no longer log in? In this post, you will see how we can resolve this issue.
Recently, while experimenting with RBAC in OpenShift, one of our cluster admins accidentally deleted a user using the web console.
Our OpenShift cluster is integrated with Azure Active Directory (AAD). When the user (who shouldn’t have been deleted in the first place) tried to log in to the cluster, it would prompt for credentials and authenticate successfully against the identity provider, but then would give the error "An authentication error occurred."
Cause
The reason for this error lies in how OpenShift authenticates users through the configured identity provider. In our case, that is Azure Active Directory.
When the user logs in, the credentials are submitted to the identity provider and successfully validated. However, the user’s identity validation depends on the mappingMethod property (docs), whose value was claim in our case. If you remember my…