The user is not needed in ldap any more. Having the user in ldap is causing problems installing the gerrit wikimedia deb on labs because the user creates files as gerrit2:nda but it needs to be gerrit2:gerrit2 the user is also created by the deb now but that will fail as the user will be in ldap.
For a little history, it used to be there so we could run local git hooks on the gerrit machine for the puppet repo and then post the results back to Gerrit, but we killed those ages ago (this predates Jenkins talking to gerrit, see for example gerrit 27479.
So I'm pretty sure we can kill it, but I'll want to keep an eye on the error logs on cobalt after we do to make sure there's not some other usage I forgot.
Ok, I'll make the change on Tuesday when you're around (since Monday is a holiday for US staff)
Just did this with @MoritzMuehlenhoff. Shouldn't have any issues, but please reopen if anyone sees something broken.
Mentioned in SAL (#wikimedia-operations) [2021-10-18T19:29:58Z] <mutante> LDAP: removed non-existent user gerrit2 from group labsadminbots (T160122)