You can configure Data Management for VMware Tanzu to use an LDAP server for both authentication and authorization as described in Configuring LDAP Settings.
You add LDAP users to Data Management for VMware Tanzu by configuring LDAP group-to-DMS-role mapping on a per organization basis as described in:
You can delete an LDAP user from a Tenant Org that you have created in Data Management for VMware Tanzu as described in Deleting a Local User. The user that you want to delete must not own any active DMS objects (backups, Service Instances, log bundles).
While you can delete an LDAP user, you must update their LDAP group assignments or delete the user from LDAP to permanently revoke their access to DMS.
If you want to keep the LDAP user's Service Instances running, an Organization Administrator user in the Tenant Org has the permissions required to continue managing the instances.