Use these commands in wsadmin to remove a user or group.
Removing a user or group withdraws the authorization permissions for all roles to which they have previously been added.
$AdminTask removeUserFromAllRoles
{-bus busname
-user userName}
$AdminTask removeGroupFromAllRoles
{-bus busname
-group groupName}
$AdminConfig save