Rudder

The current default is 60 days for the rudder.users.cleanup.account.disableAfterLastLogin configuration property : any user that did not log in a period of 60 days are disabled.
The disable reason is also empty in the users table (in the statushistory column) :

{"actor": {"name": "rudder"}, "reason": "", "actionDate": "2024-09-17T10:00:00.000Z"}, "status": "disabled"}

We should set it to a longer period of time by default : 90 days, because users should be able to leave a Rudder instance unused for a longer period of time, as demonstrated by some client use cases.
The configuration value should still be modifiable, and the never value should be a supported one (a documentation should be added in the configuration.properties.sample file).
Also, a known admin user should not be disabled.

We should also add a reason in the trace, e.g. "User did not login for too long" and log the disabling of users with a warning log (see also #25478).

Also, rudder.users.cleanup.account.deleteAfterLastLogin should only apply on already disabled users only (therefore the value of 120.days seems reasonable)

We should also update the doc and sample for the configuration parameters.