To get rid of the users in SAML please follow the directions below.
First
remove the users from ~SPLUNK_HOME/etc/users
Second
Find the correct authentication.conf (most of the time it is located under ~SPLUNK_HOME/etc/system/local)
Third,
Locate the [userToRoleMap_SAML] stanza and delete the users you want to delete in SAML.
Fourth,
Preform a debug/refresh then reload the SAML configurations in Settings > Access Controls > Authentication Method > Reload SAML Settings at the bottom of your screen.
... View more