diff --git a/auth/cas/auth.php b/auth/cas/auth.php
index ff01fa9a39258..f3d05e46e4ce2 100644
--- a/auth/cas/auth.php
+++ b/auth/cas/auth.php
@@ -269,7 +269,7 @@ function process_config($config) {
         if (!isset($config->groupecreators))
             {$config->groupecreators = ''; }
         if (!isset($config->removeuser))
-            {$config->removeuser = 0; }
+            {$config->removeuser = AUTH_REMOVEUSER_KEEP; }
         // save CAS settings
         set_config('hostname',    $config->hostname,    'auth/cas');
         set_config('port',        $config->port,        'auth/cas');
@@ -708,13 +708,13 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
             if (!empty($remove_users)) {
                 print "User entries to remove: ". count($remove_users) . "\n";
                 foreach ($remove_users as $user) {
-                    if ($this->config->removeuser == 2) {
+                    if ($this->config->removeuser == AUTH_REMOVEUSER_FULLDELETE) {
                         if (delete_user($user)) {
                             echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n";
                         } else {
                             echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n";
                         }
-                    } else if ($this->config->removeuser == 1) {
+                    } else if ($this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
                         $updateuser = new object();
                         $updateuser->id = $user->id;
                         $updateuser->auth = 'nologin';
@@ -731,7 +731,7 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
             unset($remove_users); // free mem!
         }
 /// Revive suspended users
-        if (!empty($this->config->removeuser) and $this->config->removeuser == 1) {
+        if (!empty($this->config->removeuser) and $this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
             $sql = "SELECT u.id, u.username
                     FROM $temptable e, {$CFG->prefix}user u
                     WHERE e.username=u.username
diff --git a/auth/cas/config.html b/auth/cas/config.html
index 22cd7a00d03e6..23f9137deb9ac 100644
--- a/auth/cas/config.html
+++ b/auth/cas/config.html
@@ -112,7 +112,7 @@
 
      if (!isset($config->removeuser))
 
-        {$config->removeuser = 0; }
+        {$config->removeuser = AUTH_REMOVEUSER_KEEP; }
 
 
 
@@ -782,11 +782,11 @@ <h4><?php print_string('auth_sync_script', 'auth') ?> </h4>
 
        $deleteopt = array();
 
-       $deleteopt['0'] = get_string('auth_remove_keep','auth');
+       $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep','auth');
 
-       $deleteopt['1'] = get_string('auth_remove_suspend','auth');
+       $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend','auth');
 
-       $deleteopt['2'] = get_string('auth_remove_delete','auth');
+       $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete','auth');
 
        choose_from_menu($deleteopt, 'removeuser', $config->removeuser, '');
 
@@ -825,4 +825,4 @@ <h4><?php print_string('auth_sync_script', 'auth') ?> </h4>
 
 
 ?>
-</table>
\ No newline at end of file
+</table>
diff --git a/auth/db/auth.php b/auth/db/auth.php
index 239df97e147b8..32f2df1e3c73f 100644
--- a/auth/db/auth.php
+++ b/auth/db/auth.php
@@ -255,13 +255,13 @@ function sync_users($do_updates=false) {
                 print_string('auth_dbuserstoremove','auth', count($remove_users)); echo "\n";
 
                 foreach ($remove_users as $user) {
-                    if ($this->config->removeuser == 2) {
+                    if ($this->config->removeuser == AUTH_REMOVEUSER_FULLDELETE) {
                         if (delete_user($user)) {
                             echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n";
                         } else {
                             echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n";
                         }
-                    } else if ($this->config->removeuser == 1) {
+                    } else if ($this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
                         $updateuser = new object();
                         $updateuser->id   = $user->id;
                         $updateuser->auth = 'nologin';
@@ -666,7 +666,7 @@ function process_config($config) {
             $config->debugauthdb = 0;
         }
         if (!isset($config->removeuser)) {
-            $config->removeuser = 0;
+            $config->removeuser = AUTH_REMOVEUSER_KEEP;
         }
         if (!isset($config->changepasswordurl)) {
             $config->changepasswordurl = '';
diff --git a/auth/db/config.html b/auth/db/config.html
index e4ccbe3bf9206..d7aea3f814e87 100644
--- a/auth/db/config.html
+++ b/auth/db/config.html
@@ -44,7 +44,7 @@
         $config->setupsql = '';
     }
     if (!isset($config->removeuser)) {
-        $config->removeuser = 0;
+        $config->removeuser = AUTH_REMOVEUSER_KEEP;
     }
 
     $yesno = array( get_string('no'), get_string('yes') );
@@ -256,9 +256,9 @@ <h4><?php print_string('auth_sync_script', 'auth') ?> </h4>
     <td>
     <?php
        $deleteopt = array();
-       $deleteopt['0'] = get_string('auth_remove_keep','auth');
-       $deleteopt['1'] = get_string('auth_remove_suspend','auth');
-       $deleteopt['2'] = get_string('auth_remove_delete','auth');
+       $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep','auth');
+       $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend','auth');
+       $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete','auth');
        choose_from_menu($deleteopt, 'removeuser', $config->removeuser, '');
     ?>
     </td>
diff --git a/auth/ldap/auth.php b/auth/ldap/auth.php
index 5ae7085b5cf0c..868d950316efe 100644
--- a/auth/ldap/auth.php
+++ b/auth/ldap/auth.php
@@ -655,13 +655,13 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
                 print "User entries to remove: ". count($remove_users) . "\n";
 
                 foreach ($remove_users as $user) {
-                    if ($this->config->removeuser == 2) {
+                    if ($this->config->removeuser == AUTH_REMOVEUSER_FULLDELETE) {
                         if (delete_user($user)) {
                             echo "\t"; print_string('auth_dbdeleteuser', 'auth', array($user->username, $user->id)); echo "\n";
                         } else {
                             echo "\t"; print_string('auth_dbdeleteusererror', 'auth', $user->username); echo "\n";
                         }
-                    } else if ($this->config->removeuser == 1) {
+                    } else if ($this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
                         $updateuser = new object();
                         $updateuser->id = $user->id;
                         $updateuser->auth = 'nologin';
@@ -679,7 +679,7 @@ function sync_users ($bulk_insert_records = 1000, $do_updates = true) {
         }
 
 /// Revive suspended users
-        if (!empty($this->config->removeuser) and $this->config->removeuser == 1) {
+        if (!empty($this->config->removeuser) and $this->config->removeuser == AUTH_REMOVEUSER_SUSPEND) {
             $sql = "SELECT u.id, u.username
                     FROM $temptable e, {$CFG->prefix}user u
                     WHERE e.username=u.username
@@ -1971,7 +1971,7 @@ function process_config($config) {
         if (!isset($config->changepasswordurl))
             {$config->changepasswordurl = ''; }
         if (!isset($config->removeuser))
-            {$config->removeuser = 0; }
+            {$config->removeuser = AUTH_REMOVEUSER_KEEP; }
         if (!isset($config->ntlmsso_enabled))
             {$config->ntlmsso_enabled = 0; }
         if (!isset($config->ntlmsso_subnet))
diff --git a/auth/ldap/config.html b/auth/ldap/config.html
index 55fe2debd0db1..e7f4aeaa78a6e 100644
--- a/auth/ldap/config.html
+++ b/auth/ldap/config.html
@@ -54,7 +54,7 @@
     if (!isset($config->changepasswordurl))
         {$config->changepasswordurl = ''; }
     if (!isset($config->removeuser))
-        {$config->removeuser = 0; }
+        {$config->removeuser = AUTH_REMOVEUSER_KEEP; }
     if (!isset($config->ntlmsso_enabled))
         {$config->ntlmsso_enabled = 0; }
     if (!isset($config->ntlmsso_subnet))
@@ -432,9 +432,9 @@ <h4><?php print_string('auth_sync_script', 'auth') ?> </h4>
     <td>
     <?php
        $deleteopt = array();
-       $deleteopt['0'] = get_string('auth_remove_keep','auth');
-       $deleteopt['1'] = get_string('auth_remove_suspend','auth');
-       $deleteopt['2'] = get_string('auth_remove_delete','auth');
+       $deleteopt[AUTH_REMOVEUSER_KEEP] = get_string('auth_remove_keep','auth');
+       $deleteopt[AUTH_REMOVEUSER_SUSPEND] = get_string('auth_remove_suspend','auth');
+       $deleteopt[AUTH_REMOVEUSER_FULLDELETE] = get_string('auth_remove_delete','auth');
        choose_from_menu($deleteopt, 'removeuser', $config->removeuser, '');
     ?>
     </td>
diff --git a/lib/authlib.php b/lib/authlib.php
index 2cbdda31d13dc..835e6afd68e70 100644
--- a/lib/authlib.php
+++ b/lib/authlib.php
@@ -38,7 +38,10 @@
 define('AUTH_CONFIRM_ALREADY', 2);
 define('AUTH_CONFIRM_ERROR', 3);
 
-
+# MDL-14055
+define('AUTH_REMOVEUSER_KEEP', 0);
+define('AUTH_REMOVEUSER_SUSPEND', 1);
+define('AUTH_REMOVEUSER_FULLDELETE', 2);
 
 /**
  * Abstract authentication plugin.