The WMF LDAP group is often mistaken for the "employee" default group. The purpose of this task is to eliminate this misconception by embracing it.
This task has several parts:
- Audit the WMF LDAP group to know what permissions it currently has. Ensure this set of permissions matches what is recorded in wikitech.
- Coordinate with stakeholders and decide on a minimum set of permissions that all employees should have (preferably ro).
- Break out other needed permissions into another group(s).
- Implement and update clinic duty and onboarding documentation.