Chapter 11. Uninstalling SSSD Containers

This chapter describes how you can uninstall a System Security Services Daemon (SSSD) container.

11.1. Uninstalling an SSSD Container Enrolled in an Identity Management Domain

This procedure describes how to uninstall the System Security Services Daemon (SSSD) container from an Atomic Host system and unenroll the Atomic Host system from the Identity Management domain.

Procedure

  1. Use the atomic uninstall command, and include the image name:

    # atomic uninstall rhel7/sssd
    [... output truncated ...]
    Unenrolling client from IPA server
    [... output truncated ...]
    Client uninstall complete
    [... output truncated ...]
  2. Remove the Atomic Host system’s host entry on an Identity Management server. For example, from the command line:

    $ ipa host-del <atomic.example.com>
  3. To prevent the sssd service on the Atomic Host from attempting to start the container that is now unconfigured, remove the systemd unit file for the service and reload the systemd process:

    # rm /etc/systemd/system/sssd.service
    # systemctl daemon-reload

11.2. Uninstalling an SSSD Container Joined to an Active Directory Domain

This procedure describes how to uninstall the System Security Services Daemon (SSSD) container from an Atomic Host system and unenroll the Atomic Host system from the Active Directory domain.

Procedure

  • Use the atomic uninstall command, include the image name, and specify the realm that you want to leave. If you are using the default Administrator user account for the operation:

    # atomic uninstall rhel7/sssd realm leave <ad.example.com>

    If you are using another user account, specify it with the --user option:

    # atomic uninstall rhel7/sssd realm leave --user <user_name> <ad.example.com>