User get deactivated, need to know why

Hi,

I have a bot user that does a bunch of tasks via the api, it is a trusted user and an admin user, and it has been deactivated twice this week for some reason. I cannot see anything in the staff action logs, or the error logs that hints as to why the user was deactivated.

Can you help me, either with information about which logs to look into, or possible causes a user gets deactivated by the system.

Cheers
Pekka

2 Likes

I think it may have been the InvalidateInactiveAdmins script, looks like that will not generate a log entry. Can anyone confirm since iā€™m not famliar with the details of the source.

Yes thatā€™s correct. We should certainly look at adding a log for that - it can be very confusing if you are not aware of the feature. I will add it to my todo list.

If youā€™re running the latest version of Discourse, then we have recently added some extra checks before deactivating admin accounts:

https://github.com/discourse/discourse/commit/836b3f4d82dfc610574db93cfd1d86e4064d4062

If the user has created posts, or has a recently used API key attached to it, then it will not be deactivated. Note that the API key must be specifically attached to this user, and not an ā€œall usersā€ key.

4 Likes

Yes, i saw that, i am on an earlier version unfortunatley.

I would recommend updating, but if you canā€™t then you have a couple of options:

  • ā€˜Impersonateā€™ the account, so it wonā€™t be deactivated for another year

  • Set invalidate_inactive_admin_email_after_days to a higher number, or 0 to disable

5 Likes

We did the second one, waiting a few days to see if it happens again and root cause was wrong

1 Like

We got into a lot of issue last time we updated with how flagging works, so we will not take updates unless we have no other option

I hope you like security vulnerabilities, then :rofl:

I realize there are issues with not taking updates, our use of discourse is not standard and the acual discorse server is not accessed by the users only used as a backend, so I think we are good for now.
That our users are mad because behavior has changed and we cannot undo the change since the team does not want to add an option for the legacy behavior is a bigger issue to us

Done per FEATURE: Add message to log when admins are automatically deactivated Ā· discourse/discourse@a9d0d55 Ā· GitHub

2 Likes

This topic was automatically closed after 29 hours. New replies are no longer allowed.