Remove encrypted files when password was changed from LDAP



We connected our ownCloud Server (9.0.1) to LDAP. A user started putting in files, but doesn't remember his password. We enabled encryption for some users, but this user then subsequently changed his password, and doesn't remember the old one. Now, when he logs in, he gets a banner that reads "Invalid private key for Encryption App. Please update your private key password in your personal settings to recover access to your encrypted files.". When we try to change the encryption key using the ownCloud basic encryption module, the api call (ajax call) gives a 503 Service Unavailable.

At this point we just want to remove all encryption, as we have encrypted the volume in the server instead.

I tried even removing the user, but occ user:delete [uid] doesn't seem to work, and I can not decrypt-all this user either.

Steps to reproduce
1. Connect ownCloud to AD, and turn on encryption
2. Upload files
3. Change AD password
4. Try to fix:
4.1 Try changing the ownCloud encryption key to match the new password 503 Service Unavailable
4.2 Try to delete ownCloud user using occ user:delete [uid] : The specified user could not be deleted. Please check the logs.
4.3 Try to decrypt all the users files with what might have been the old password:Files for following users couldn't be decrypted, maybe the user is not set up in a way that supports this operation: [uid]

Expected behaviour
Tell us what should happen

Actual behaviour
Tell us what happens instead

Server configuration
Operating system: CentOS 7
Web server: Apache
Database: Mysql
PHP version: 5.4.16
ownCloud version (see ownCloud admin page): 9.1.1 (updated from 9.0.2 as a measure of troubleshooting)
Updated from an older ownCloud or fresh install: Updated from 9.0.1

Special configuration (external storage, external authentication, reverse proxy, server-side-encryption):

Trying to remove server-side encryption


Did that issue happened while using 9.0.2 or 9.1.1?

Are you using external storages?