- goid in ssg.internal_user uniquely identifies a user, and maps to identity_id in ssg.rbac_assignment, to define access rights for that specific user.
- You can get a list of current users and groups from internal_user and internal_group tables, and compare it to users/groups listed in rbac_assignment table to find orphan ones, and proceed to remove those. Please note that identity_id in rbac_assignment table ~ goid in internla_user and internal_group tables.
# mysql
mysql use ssg;
mysql> select hex(goid),name from internal_user;
mysql> select hex(goid),hex(provider_goid),hex(role_goid),identity_id,entity_type from rbac_assignment where entity_type="User";
mysql> select hex(goid),name from internal_group;
mysql> select hex(goid),hex(provider_goid),hex(role_goid),identity_id,entity_type from rbac_assignment where entity_type="Group";
# service ssg stop
# mysqldump --all-databases > ~/all_databases_`date '+%Y%m%d_%T'`.sql
# mysql
mysql> use ssg;
mysql> delete from rbac_assignment where identity_id = 'nnnnnnnn';
mysql> quit
# service ssg start