Removing Bootstrap Admin User - dogtagpki/freeipa GitHub Wiki
This step is defined in DogtagInstance.teardown_admin().
First, find all groups the bootstrap admin
belongs to:
$ ldapsearch -b "ou=groups,o=ipaca" "(uniqueMember=uid=admin,ou=people,o=ipaca)"
Then remove the user from those groups:
$ ldapmodify dn: cn=...,ou=groups,o=ipaca changetype: modify delete: uniqueMember uniqueMember: uid=admin,ou=people,o=ipaca
Finally, remove the user itself:
$ ldapdelete uid=admin,ou=people,o=ipaca