I had an OKD 4.5 user which authenticated against htpasswd. This user was a member of a group and admin role binding.

I then deleted the user through the web console:

The problem came when I wanted to re-enable the user.

Adding a user in OKD involves adding an authentication mechanism, IDP, such as htpasswd, LDAP or Google. Then when the user logged in their name appeared in the list of users – albeit without any access.

So when I tried to login as the deleted user it wouldn’t let me giving me an “authentication error”:

There doesn’t seem to be any obvious way to fix the issue. Certainly I could not find anything in the web console.

Solution

The solution turned out to be really simple. From a command line and logged in as an oc user with admin rights run:

oc delete identity htpasswd:admin

The name of the user is “admin” and the authentication mechanism is “htpasswd”.

After doing the above the user appeared in the list of users and could be added to groups etc.