I have no idea which project to put this in. I'd like to assign a new employee, dcausse, a ticket protected by the wikimedia-nda. He says he's signed the nda and I don't know what to do beyond ask here to get him into the group.
Description
Description
Event Timeline
Comment Actions
@dcausse, can you link your Phabricator account with your WMF Wikimedia account, as a way to link consistently this account with your WMF identity, please? Currently your account is linked to LDAP only, and not to an account identified with "WMF".
https://www.mediawiki.org/wiki/Phabricator/Help#Creating_your_account
Comment Actions
Looks like that account created itself on enwiki, rather than being created properly by someone else (e.g. OIT)? https://en.wikipedia.org/wiki/Special:Log/DCausse_(WMF)
I don't think those creations are supposed to be on enwiki either
Comment Actions
The 4 accounts (enwiki, office, collab, wmf.org) were already created when I opened my wmf gmail the first time.
For enwiki I have 2 mails :
- Wikipedia email address confirmation
- Account details on Wikipedia : Someone (probably you, from IP address w.x.y.z) requested a reset of your password for Wikipedia
For other accounts I have only one mail (eg. Account creation for Wikimedia Office)
The IP w.x.y.z resolves to a host in the wikimedia.org domain, I can send a copy of this mail it it helps.
Comment Actions
Ops has requested that OIT confirm that dcausse really is an employee, and explain why his account is funky (per comments above). Thanks!
Also, from IRC:
(09:07:57 AM) Krenair: The account appears to have been created by someone who was not logged in, on a wiki where WMF accounts should not be being manually created.
Comment Actions
According to my onboarding and HR records, yes, David Causse is a remote regular employee working in Search for Thomasz.
Krenair: Yes, typically (WMF) SUL accounts should be created on wiki using a logged in account.
However, we have no way to STOP someone from doing it themselves, and once it's created, it might as well stay.
Who should this ticket bounce back to?
Comment Actions
How do you check HR records? That would be useful for ops to speed up the process for these re-occuring tickets.
Comment Actions
sadly there isn't an easy way to confirm that a phab account is linked to an @wikimedia google account, though I could conceivably create a script to do that for verification purposes, if that would be useful.
Comment Actions
@Dzahn: Request access to the Staffing and Tracking Google Doc. That's what I cross check.
Comment Actions
Someone could email a secret phrase to his @wikimedia account (or just chat with him in a text hangout since that's tied to his google account), and have him paste that phrase into a comment in this ticket.
Comment Actions
@greg I am punting this in your direction :)
Synopsis is: previously we used the (WMF) nature of a linked MW account to verify employee and thereby NDA status. The account in question was created by an anon user and so throws into doubt the linkability / viability of it as a verified staff account. i.e. it should have been banned out the gate already no?
I'm not sure what the process for this should be or how to verify things are OK. I honestly don't think there is any real controversy here other than making double sure everything is above board but the semantics of this problem seem to land on the doorstep of the owner of phab :)
Comment Actions
I disavow all responsibility of managing the wmf-nda process.
The process should be: whenever a new employee is having accounts created, the Phab one is done as well. We will perennially have this issue ("who has an NDA? where can I check? Why am I emailing someone to look in a file folder?") unless it's all one process.
If people are comfortable with the account being for who it says it's for, then do it.
Personally: I can't manage all wmf-nda access requests; decidedly not my duty. I have no special access/knowledge compared to eg OIT's onboarding/offboarding process (in fact, much less).
Comment Actions
I've checked the account, I can confirm this is a legitimate WMF staff account tied to a confirmed WMF email address. I'd be ok with NDA status being granted based on this.