search cancel

PAM-CM-6001 User accounts disabled due to inactivity - deactivated user


Article ID: 224051


Updated On:


CA Privileged Access Manager (PAM)



We recently upgraded our new PAM server to 3.4.5 and now the user accounts are being disabled due to inactivity. How do I disable this feature? Both Disable Inactive After and Remove Disabled After are set to 0 days. 


PAM-CM-6001: 36 inactive user(s) have been auto deactivated for exceeding maximum allowable inactivity period of 0 day(s).
PAM-CM-6012: Started the user deactivation task.


This is caused by a bug introduced in the patch to 3.4.5


Release : 3.4

Component :


To workaround the issue simply set the # of days higher than 0 (max is 730). This will not stop the timeouts for inactive users but will give some control until a patch can be provided

To re-enable bulk users you can select all and enable through the gui

Additional Information

This problem is fixed in 3.4.6 and 4.0.1, but the fix is NOT included in the PAM_USERS_DEACT_2022 Hotfix, which was published in January 2022 to resolve a different problem causing false user deactivations. For 3.4.5 you need to use the resolution discussed above, even with PAM_USERS_DEACT_2022 applied.