diff --git a/keystone/identity/backends/sql.py b/keystone/identity/backends/sql.py
index 7c692475cf..e4281a8d56 100644
--- a/keystone/identity/backends/sql.py
+++ b/keystone/identity/backends/sql.py
@@ -327,7 +327,15 @@ class Identity(sql.Base, identity.Driver):
     def delete_user(self, user_id):
         session = self.get_session()
         user_ref = session.query(User).filter_by(id=user_id).first()
+        membership_refs = session.query(UserTenantMembership)\
+                          .filter_by(user_id=user_id)\
+                          .all()
+
         with session.begin():
+            if membership_refs:
+                for membership_ref in membership_refs:
+                    session.delete(membership_ref)
+
             session.delete(user_ref)
             session.flush()
 
diff --git a/tests/test_backend_sql.py b/tests/test_backend_sql.py
index a8951512e9..4d1da37c34 100644
--- a/tests/test_backend_sql.py
+++ b/tests/test_backend_sql.py
@@ -37,6 +37,17 @@ class SqlIdentity(test.TestCase, test_backend.IdentityTests):
         self.identity_api = identity_sql.Identity()
         self.load_fixtures(default_fixtures)
 
+    def test_delete_user_with_tenant_association(self):
+        user = {'id': 'fake',
+                'name': 'fakeuser',
+                'password': 'passwd'}
+        self.identity_api.create_user('fake', user)
+        self.identity_api.add_user_to_tenant(self.tenant_bar['id'],
+                                             user['id'])
+        self.identity_api.delete_user(user['id'])
+        tenants = self.identity_api.get_tenants_for_user(user['id'])
+        self.assertEquals(tenants, [])
+
 
 class SqlToken(test.TestCase, test_backend.TokenTests):
     def setUp(self):