It’s hard to imagine how someone could administer a system that they don’t have access to. And if you can’t trust neither the managers nor the admins, well, you’re not going to solve that with technology.
But any user can search for users. Search results for '@Gavin_Hudson' - Discourse Meta. If employees are going to say things that they will be penalized for then you could allow anonymous posting? But there is still no way to keep admins from knowing who is posting.
Even if you had a plugin that removed the /admin/users route and the /users route (because everyone can see the list of users, right?), and disabled searching, admins could still get the information by
- using the data explorer plugin
- accessing the rails console
- downloading a backup and restoring it on another instance
- directly querying the database
And even if your horrible managers can’t search the forum, they can still see the posts that they make and who made them if they just look at all of the posts. Or do you mean in PMs? If you mean PMs then you could use Discourse Encrypt (for Private Messages) and that would keep admins from being able to see what was said.
If you don’t trust managers or admins then the only thing you could do would be to have a forum that is not managed by anyone in your company that has users sign up with email addresses that are not connected to the company.
Or maybe there is still something that I don’t understand.