Cant delete user on the System Administrator Portal #5929

Closed
opened 2026-03-07 20:42:46 -06:00 by GiteaMirror · 7 comments
Owner

Originally created by @lipy41 on GitHub (Jun 5, 2025).

Vaultwarden Support String

Your environment (Generated via diagnostics page)

  • Vaultwarden version: v1.32.2
  • Web-vault version: v2024.6.2c
  • OS/Arch: linux/x86_64
  • Running within a container: true (Base: Debian)
  • Environment settings overridden: true
  • Uses a reverse proxy: true
  • IP Header check: true (X-Real-IP)
  • Internet access: true
  • Internet access via a proxy: false
  • DNS Check: true
  • Browser/Server Time Check: true
  • Server/NTP Time Check: true
  • Domain Configuration Check: true
  • HTTPS Check: true
  • Database type: SQLite
  • Database version: 3.46.0
  • Clients used:
  • Reverse proxy and version:
  • Other relevant information:

Config (Generated via diagnostics page)

Show Running Config

Environment settings which are overridden: SIGNUPS_DOMAINS_WHITELIST

{
  "_duo_akey": null,
  "_enable_duo": false,
  "_enable_email_2fa": true,
  "_enable_smtp": true,
  "_enable_yubico": true,
  "_icon_service_csp": "",
  "_icon_service_url": "",
  "_ip_header_enabled": true,
  "_max_note_size": 10000,
  "_smtp_img_src": "cid:",
  "admin_ratelimit_max_burst": 3,
  "admin_ratelimit_seconds": 300,
  "admin_session_lifetime": 20,
  "admin_token": "***",
  "allowed_iframe_ancestors": "",
  "attachments_folder": "data/attachments",
  "auth_request_purge_schedule": "30 * * * * *",
  "authenticator_disable_time_drift": false,
  "data_folder": "data",
  "database_conn_init": "",
  "database_max_conns": 10,
  "database_timeout": 30,
  "database_url": "***************",
  "db_connection_retries": 15,
  "disable_2fa_remember": false,
  "disable_admin_token": false,
  "disable_icon_download": false,
  "domain": "*****://****************",
  "domain_origin": "*****://****************",
  "domain_path": "",
  "domain_set": true,
  "duo_context_purge_schedule": "30 * * * * *",
  "duo_host": null,
  "duo_ikey": null,
  "duo_skey": null,
  "duo_use_iframe": false,
  "email_2fa_auto_fallback": false,
  "email_2fa_enforce_on_verified_invite": false,
  "email_attempts_limit": 3,
  "email_change_allowed": true,
  "email_expiration_time": 600,
  "email_token_size": 6,
  "emergency_access_allowed": true,
  "emergency_notification_reminder_schedule": "0 3 * * * *",
  "emergency_request_timeout_schedule": "0 7 * * * *",
  "enable_db_wal": true,
  "enable_websocket": true,
  "enforce_single_org_with_reset_pw_policy": false,
  "event_cleanup_schedule": "0 10 0 * * *",
  "events_days_retain": null,
  "experimental_client_feature_flags": "fido2-vault-credentials",
  "extended_logging": true,
  "helo_name": null,
  "hibp_api_key": null,
  "http_request_block_non_global_ips": true,
  "http_request_block_regex": null,
  "icon_blacklist_non_global_ips": true,
  "icon_blacklist_regex": null,
  "icon_cache_folder": "data/icon_cache",
  "icon_cache_negttl": 259200,
  "icon_cache_ttl": 2592000,
  "icon_download_timeout": 10,
  "icon_redirect_code": 302,
  "icon_service": "internal",
  "incomplete_2fa_schedule": "30 * * * * *",
  "incomplete_2fa_time_limit": 3,
  "increase_note_size_limit": false,
  "invitation_expiration_hours": 120,
  "invitation_org_name": "FL3XX",
  "invitations_allowed": true,
  "ip_header": "X-Real-IP",
  "job_poll_interval_ms": 30000,
  "log_file": "/data/bw.log",
  "log_level": "info",
  "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f",
  "login_ratelimit_max_burst": 10,
  "login_ratelimit_seconds": 60,
  "org_attachment_limit": null,
  "org_creation_users": "",
  "org_events_enabled": false,
  "org_groups_enabled": false,
  "password_hints_allowed": true,
  "password_iterations": 100000,
  "push_enabled": false,
  "push_identity_uri": "https://identity.bitwarden.com",
  "push_installation_id": "***",
  "push_installation_key": "***",
  "push_relay_uri": "https://push.bitwarden.com",
  "reload_templates": false,
  "require_device_email": false,
  "rsa_key_filename": "data/rsa_key",
  "send_purge_schedule": "0 5 * * * *",
  "sendmail_command": null,
  "sends_allowed": true,
  "sends_folder": "data/sends",
  "show_password_hint": false,
  "signups_allowed": true,
  "signups_domains_whitelist": "*********,******************************",
  "signups_verify": true,
  "signups_verify_resend_limit": 6,
  "signups_verify_resend_time": 3600,
  "smtp_accept_invalid_certs": false,
  "smtp_accept_invalid_hostnames": false,
  "smtp_auth_mechanism": null,
  "smtp_debug": false,
  "smtp_embed_images": true,
  "smtp_explicit_tls": null,
  "smtp_from": "*******************",
  "smtp_from_name": "Bitwarden FL3XX",
  "smtp_host": "*******************",
  "smtp_password": "***",
  "smtp_port": 587,
  "smtp_security": "starttls",
  "smtp_ssl": null,
  "smtp_timeout": 15,
  "smtp_username": "********",
  "templates_folder": "data/templates",
  "tmp_folder": "data/tmp",
  "trash_auto_delete_days": null,
  "trash_purge_schedule": "0 5 0 * * *",
  "use_sendmail": false,
  "use_syslog": false,
  "user_attachment_limit": null,
  "user_send_limit": null,
  "web_vault_enabled": true,
  "web_vault_folder": "web-vault/",
  "yubico_client_id": null,
  "yubico_secret_key": null,
  "yubico_server": null
}

Vaultwarden Build Version

1.32.2

Deployment method

Official Container Image

Custom deployment method

Image

This is a new user, has no ownership of the org vault, and we just want it deleted.
The email is korri.courtois@fl3xx.com
our vault is https://locker.fl3xx.com/

Reverse Proxy

linux / x86_64

Host/Server Operating System

Linux

Operating System Version

No response

Clients

Web Vault

Client Version

1.32.2

Steps To Reproduce

  1. Go to users and try to delete the user Korri courtois

Expected Result

error

Actual Result

Image

Logs


Screenshots or Videos

No response

Additional Context

No response

Originally created by @lipy41 on GitHub (Jun 5, 2025). ### Vaultwarden Support String ### Your environment (Generated via diagnostics page) * Vaultwarden version: v1.32.2 * Web-vault version: v2024.6.2c * OS/Arch: linux/x86_64 * Running within a container: true (Base: Debian) * Environment settings overridden: true * Uses a reverse proxy: true * IP Header check: true (X-Real-IP) * Internet access: true * Internet access via a proxy: false * DNS Check: true * Browser/Server Time Check: true * Server/NTP Time Check: true * Domain Configuration Check: true * HTTPS Check: true * Database type: SQLite * Database version: 3.46.0 * Clients used: * Reverse proxy and version: * Other relevant information: ### Config (Generated via diagnostics page) <details><summary>Show Running Config</summary> **Environment settings which are overridden:** SIGNUPS_DOMAINS_WHITELIST ```json { "_duo_akey": null, "_enable_duo": false, "_enable_email_2fa": true, "_enable_smtp": true, "_enable_yubico": true, "_icon_service_csp": "", "_icon_service_url": "", "_ip_header_enabled": true, "_max_note_size": 10000, "_smtp_img_src": "cid:", "admin_ratelimit_max_burst": 3, "admin_ratelimit_seconds": 300, "admin_session_lifetime": 20, "admin_token": "***", "allowed_iframe_ancestors": "", "attachments_folder": "data/attachments", "auth_request_purge_schedule": "30 * * * * *", "authenticator_disable_time_drift": false, "data_folder": "data", "database_conn_init": "", "database_max_conns": 10, "database_timeout": 30, "database_url": "***************", "db_connection_retries": 15, "disable_2fa_remember": false, "disable_admin_token": false, "disable_icon_download": false, "domain": "*****://****************", "domain_origin": "*****://****************", "domain_path": "", "domain_set": true, "duo_context_purge_schedule": "30 * * * * *", "duo_host": null, "duo_ikey": null, "duo_skey": null, "duo_use_iframe": false, "email_2fa_auto_fallback": false, "email_2fa_enforce_on_verified_invite": false, "email_attempts_limit": 3, "email_change_allowed": true, "email_expiration_time": 600, "email_token_size": 6, "emergency_access_allowed": true, "emergency_notification_reminder_schedule": "0 3 * * * *", "emergency_request_timeout_schedule": "0 7 * * * *", "enable_db_wal": true, "enable_websocket": true, "enforce_single_org_with_reset_pw_policy": false, "event_cleanup_schedule": "0 10 0 * * *", "events_days_retain": null, "experimental_client_feature_flags": "fido2-vault-credentials", "extended_logging": true, "helo_name": null, "hibp_api_key": null, "http_request_block_non_global_ips": true, "http_request_block_regex": null, "icon_blacklist_non_global_ips": true, "icon_blacklist_regex": null, "icon_cache_folder": "data/icon_cache", "icon_cache_negttl": 259200, "icon_cache_ttl": 2592000, "icon_download_timeout": 10, "icon_redirect_code": 302, "icon_service": "internal", "incomplete_2fa_schedule": "30 * * * * *", "incomplete_2fa_time_limit": 3, "increase_note_size_limit": false, "invitation_expiration_hours": 120, "invitation_org_name": "FL3XX", "invitations_allowed": true, "ip_header": "X-Real-IP", "job_poll_interval_ms": 30000, "log_file": "/data/bw.log", "log_level": "info", "log_timestamp_format": "%Y-%m-%d %H:%M:%S.%3f", "login_ratelimit_max_burst": 10, "login_ratelimit_seconds": 60, "org_attachment_limit": null, "org_creation_users": "", "org_events_enabled": false, "org_groups_enabled": false, "password_hints_allowed": true, "password_iterations": 100000, "push_enabled": false, "push_identity_uri": "https://identity.bitwarden.com", "push_installation_id": "***", "push_installation_key": "***", "push_relay_uri": "https://push.bitwarden.com", "reload_templates": false, "require_device_email": false, "rsa_key_filename": "data/rsa_key", "send_purge_schedule": "0 5 * * * *", "sendmail_command": null, "sends_allowed": true, "sends_folder": "data/sends", "show_password_hint": false, "signups_allowed": true, "signups_domains_whitelist": "*********,******************************", "signups_verify": true, "signups_verify_resend_limit": 6, "signups_verify_resend_time": 3600, "smtp_accept_invalid_certs": false, "smtp_accept_invalid_hostnames": false, "smtp_auth_mechanism": null, "smtp_debug": false, "smtp_embed_images": true, "smtp_explicit_tls": null, "smtp_from": "*******************", "smtp_from_name": "Bitwarden FL3XX", "smtp_host": "*******************", "smtp_password": "***", "smtp_port": 587, "smtp_security": "starttls", "smtp_ssl": null, "smtp_timeout": 15, "smtp_username": "********", "templates_folder": "data/templates", "tmp_folder": "data/tmp", "trash_auto_delete_days": null, "trash_purge_schedule": "0 5 0 * * *", "use_sendmail": false, "use_syslog": false, "user_attachment_limit": null, "user_send_limit": null, "web_vault_enabled": true, "web_vault_folder": "web-vault/", "yubico_client_id": null, "yubico_secret_key": null, "yubico_server": null } ``` </details> ### Vaultwarden Build Version 1.32.2 ### Deployment method Official Container Image ### Custom deployment method <img width="1272" alt="Image" src="https://github.com/user-attachments/assets/d23e78a0-1cea-4730-a4c3-3bad6a4dbf96" /> This is a new user, has no ownership of the org vault, and we just want it deleted. The email is korri.courtois@fl3xx.com our vault is https://locker.fl3xx.com/ ### Reverse Proxy linux / x86_64 ### Host/Server Operating System Linux ### Operating System Version _No response_ ### Clients Web Vault ### Client Version 1.32.2 ### Steps To Reproduce 1. Go to users and try to delete the user Korri courtois ### Expected Result error ### Actual Result <img width="1272" alt="Image" src="https://github.com/user-attachments/assets/6c7497b2-fbb8-4d2d-b869-3e6b865c8343" /> ### Logs ```text ``` ### Screenshots or Videos _No response_ ### Additional Context _No response_
GiteaMirror added the bug label 2026-03-07 20:42:46 -06:00
Author
Owner

@stefan0xC commented on GitHub (Jun 5, 2025):

This is a new user, has no ownership of the org vault, and we just want it deleted.

Well, according to screenshot you posted the user is the owner of an organization:
Image

You should be able to first delete the FL3XX organization where the user is the owner of and then you can delete the user account.

@stefan0xC commented on GitHub (Jun 5, 2025): > This is a new user, has no ownership of the org vault, and we just want it deleted. Well, according to screenshot you posted the user is the owner of an organization: ![Image](https://github.com/user-attachments/assets/2788aeb7-f502-4a06-b822-61f03b45f070) You should be able to first delete the `FL3XX` organization where the user is the owner of and then you can delete the user account.
Author
Owner

@lipy41 commented on GitHub (Jun 5, 2025):

She is not owner.. and she doesn't even appear as a user within that org.
Deleting the ORG is impossible for us, we're talking a big company vault.
This user is a new employee who just joined, and no admin role or ownership was given to her..

@lipy41 commented on GitHub (Jun 5, 2025): She is not owner.. and she doesn't even appear as a user within that org. Deleting the ORG is impossible for us, we're talking a big company vault. This user is a new employee who just joined, and no admin role or ownership was given to her..
Author
Owner

@lipy41 commented on GitHub (Jun 5, 2025):

Im stuck in a endless loop..it seems

@lipy41 commented on GitHub (Jun 5, 2025): Im stuck in a endless loop..it seems
Author
Owner

@lipy41 commented on GitHub (Jun 5, 2025):

do you mean this:

Image

Will this not delete the ORG vault, just the individual vault?

@lipy41 commented on GitHub (Jun 5, 2025): do you mean this: <img width="1290" alt="Image" src="https://github.com/user-attachments/assets/1b4fcded-d105-4ee0-80e8-696b0bb428ae" /> Will this not delete the ORG vault, just the individual vault?
Author
Owner

@lipy41 commented on GitHub (Jun 5, 2025):

Where do I find the UUID of the ORG?

@lipy41 commented on GitHub (Jun 5, 2025): Where do I find the UUID of the ORG?
Author
Owner

@stefan0xC commented on GitHub (Jun 5, 2025):

This is a separate organization, I assume the one with multiple entries is your main organization.

Image
edit: The UUID of an organization is displayed in this list underneath the organization name and associated email

btw: I think you can prevent users from creating their own organization, eg. by restricting it to certain users or none:
0d3f283c37/.env.template (L268-L274)

@stefan0xC commented on GitHub (Jun 5, 2025): This is a separate organization, I assume the one with multiple entries is your main organization. ![Image](https://github.com/user-attachments/assets/f0c5673c-f08f-41c2-b40f-41a16c1b8cb1) edit: The UUID of an organization is displayed in this list underneath the organization name and associated email btw: I think you can prevent users from creating their own organization, eg. by restricting it to certain users or `none`: https://github.com/dani-garcia/vaultwarden/blob/0d3f283c3720b82e97c1aa383a66ebc8b4951dfb/.env.template#L268-L274
Author
Owner

@lipy41 commented on GitHub (Jun 5, 2025):

Thanks it worked!

@lipy41 commented on GitHub (Jun 5, 2025): Thanks it worked!
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vaultwarden#5929