A service account used for automated testing (such as a Wyebot sensor) stops working suddenly. Even though the machine tries to connect frequently, the account is marked as "suspended" or "inactive," and access is denied.
OneLogin has a security feature that automatically suspends users who haven't logged in for a long time (for example, 90 days). This option is found in the user policy configuration in the Sign In section/tab.
OneLogin only recognizes manual portal sign-ins as valid activity, so automated machines connecting via background methods like VLDAP are not counted, leading the system to mistakenly suspend these accounts for inactivity despite frequent use.
To fix this, you might need to create a additional User Policy for these accounts so they aren't subject to the "auto-suspend" rule.
Step 1: Create a Duplicate Policy Create a new security policy specifically for "Machine Identities" or automated accounts to ensure you have a separate set of rules that can be applied only to specific service accounts.
Step 2: Disable Auto-Suspend Within this new policy, uncheck the "auto-suspend" option to prevent OneLogin from disabling these accounts regardless of how much time has passed since a manual portal login.
Step 3: Assign the Account to the Policy Move the specific machine or sensor account into this new policy to ensure the "never suspend" rule applies only to the automated service rather than the entire organization.
© 2026 ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center