Ensure the last enabled member of a protected group cannot be deleted or disabled by raising LastMemberError.
ipaserver.plugins.user
ipaserver.plugins.user.user