#!/bin/sh -e

. alterator-kdc-princ-functions
. alterator-openldap-functions

[ -n "$DN_CONF" ] || fatal "DN_CONF not set"

[ "$#" -eq 1 ] || fatal "more arguments required"
user="$1"; shift

[ -n "$ENABLE_KRB" ] &&
delprinc "$user" > /dev/null 2>&1

ldapdelete -D "$rootdn" $rootpw -x -H "ldap://${host:-127.0.0.1}" "uid=$user,ou=People,$base" > /dev/null
ldap-groupdel "$user"
