Deleting Key Manager Accounts

You can Delete local Key Manager accounts to disable them in the system. Deleted accounts cannot be used for accessing the Key Manager management interfaces, nor for performing management operations.

Note that directory-based accounts are managed by the directory instead of Key Manager: to prevent a directory user from logging in, you must delete their account from the directory. Directory accounts will be automatically activated from deleted status when the account is succesfully authorized with directory login.

Audit events pertaining to deleted accounts are preserved.

This action disables local target Key Manager accounts. Deleted local accounts can be re-enabled by using the Key Manager controller; for more information, see Managing Key Manager Administrator Accounts.

In most situations, disabling an account is preferable to deleting it. Both actions prevent the account from being used. Disabled accounts can be quickly hidden from listings and counts using filters. Furthermore, unlike deleted accounts, disabled accounts can be re-enabled later without using the Key Manager Controller.