@soworu please have your manager approve this request

Hi @Nuria

Approved for @soworu.

Thank you!

@Dzahn is there an additional step we do to verify employment?

@Nuria Yea, for now we can still check on the corporate LDAP (OIT) servers (though they might be shut down in the future T244792):

So i can confirm this:

[ldap-corp1001:~] $ /usr/bin/ldapsearch -x "mail=sowo*"| egrep 'employeeType|title|manager'
employeeType: Full Time
manager: cn=qgil,ou=people,dc=corp,dc=wikimedia,dc=org
title: CRM Specialist

Change 596397 had a related patch set uploaded (by Dzahn; owner: Dzahn):
[operations/puppet@production] admins: add Segun Oworu to ldap_only_admins (wmf)

https://gerrit.wikimedia.org/r/596397

Change 596397 merged by Dzahn:
[operations/puppet@production] admins: add Segun Oworu to ldap_only_admins (wmf)

https://gerrit.wikimedia.org/r/596397

@soworu You have been added to the "wmf" group. You should now be able to login.

@elukey @Ottomata Please sync soworu's user for Hue access (needed per https://wikitech.wikimedia.org/wiki/Analytics/Cluster/Hue)

For Hue the user must also have shell access and be added to the analytics-privatedata-users group.

Oh, thanks for pointing that out @Ottomata

In this case i am not sure if that is really needed because the related ticket for shell access has been closed as not needed.

@soworu You will have superset and turnilo for now but not hue.

@soworu You will have superset and turnilo

This is all you need to access all data to be clear.

In T252703#6137505, @Nuria wrote:

@soworu You will have superset and turnilo

This is all you need to access all data to be clear.

Thannk you Nuria. Please what details do I use to login into Turnilo and Superset?

@soworu Use the same user/password you used on https://wikitech.wikimedia.org when you created your account there.

links: https://superset.wikimedia.org and https://turnilo.wikimedia.org

In T252703#6142940, @Dzahn wrote:

@soworu Use the same user/password you used on https://wikitech.wikimedia.org when you created your account there.

I still can't login into Superset and Turnilo using my Wikitech login details. Can you help?

In T252703#6152022, @soworu wrote:

In T252703#6142940, @Dzahn wrote:

@soworu Use the same user/password you used on https://wikitech.wikimedia.org when you created your account there.

I still can't login into Superset and Turnilo using my Wikitech login details. Can you help?

Can you login on wikitech wiki itself?

Please try the following variations of the username including the capitalization:

soworu-01 and SOworu

In T252703#6152029, @Dzahn wrote:

Please try the following variations of the username including the capitalization:

soworu-01 and SOworu

I was able to login into Wikitech using SOworu but still cant with both SOworu and soworu-01.

@soworu Try again now, please. Looks like i forgot to add the -01 part when adding you the right group. Sorry about that.

Change 597536 had a related patch set uploaded (by Dzahn; owner: Dzahn):
[operations/puppet@production] admins: fix uid of Segun Oworu

https://gerrit.wikimedia.org/r/597536

@soworu Looks like it works now, i think i just saw you login in the log files, am i right?

In T252703#6152084, @Dzahn wrote:

@soworu Try again now, please. Looks like i forgot to add the -01 part when adding you the right group. Sorry about that.

SUccessfully logged into Superset. Turnilo still a challenge.

In T252703#6152094, @Dzahn wrote:

@soworu Looks like it works now, i think i just saw you login in the log files, am i right?

Yes, i was able to login into Superset, but not successful with Turnilo.

@soworu I found the following comment in the Apache config of superset:

31         # Note: uid is used instead of cn since Superset needs the shell username to properly
32         # create users when they log in.

In turnilo's config i do not see this comment.

For many but not all users UID and CN are the same, but for you they are not.

I think this means you have to use "soworu-01" for superset but "SOworu" for turnilo.

In T252703#6152109, @Dzahn wrote:

@soworu I found the following comment in the Apache config of superset:

31         # Note: uid is used instead of cn since Superset needs the shell username to properly
32         # create users when they log in.

In turnilo's config i do not see this comment.

For many but not all users UID and CN are the same, but for you they are not.

I think this means you have to use "soworu-01" for superset but "SOworu" for turnilo.

SOworu worked. Now in Turnilo. Thanks. Just to inquire, what about Hue? What's the problem with it?

In T252703#6152113, @soworu wrote:

SOworu worked. Now in Turnilo. Thanks.

Great! Excuse the confusion, i was not aware of this difference between the tools either until now.

Just to inquire, what about Hue? What's the problem with it?

For that i'll have to refer to @Nuria

Change 597536 merged by Dzahn:
[operations/puppet@production] admins: fix uid of Segun Oworu

https://gerrit.wikimedia.org/r/597536

Change 597540 had a related patch set uploaded (by Dzahn; owner: Dzahn):
[operations/puppet@production] DHCP: update MAC and FQDN for malmok

https://gerrit.wikimedia.org/r/597540

Change 597540 merged by Dzahn:
[operations/puppet@production] DHCP: update MAC and FQDN for malmok

https://gerrit.wikimedia.org/r/597540

Hue allows you to access Hive and files in HDFS, for which you need a shell account and membership in the analytics-privatedata-users group.

I think all access needed is granted as @soworu is able to access turnilo and superset. I have to say that this is the first time i see that different users are needed , wondering if this is the same issue affecting one of our users that can log into turnilo but not superset.