LDAP access request - add Christian Aistleitner to "nda" (or "wmf")
Closed, ResolvedPublic
Actions

Assigned To

Authored By

	Dzahn
	May 15 2020, 11:00 AM

Description

Christian "@QChris" Aistleitner will be working on the Gerrit upgrade (T200739) as a contractor.

For this he should be able to see Icinga alerts related to it and also schedule downtimes/ACK/etc.

I have created an Icinga contact for him and added him to the existing contactgroup for gerrit. 596624. This means he will have permissions to run commands on these services/hosts related to Gerrit, but not on other ones. (It is _not_ the global override in cgi.cfg, just regular contact privileges for specific services).

What is missing now though is that he is able to get past the login we added in front of Icinga which needs one of the LDAP groups "ops" or "wmf" or "nda".

This request is to add him to the appropriate one. Since "nda" is for volunteers and "wmf" is for employees I am never quite sure which one to use for contractors. Either one will work fine to resolve this ticket.

So we should go through the usual steps to get him on file with an NDA and then add him to the group.

Please note he already has existing shell access with root on the Gerrit servers and therefore a change in puppet is not needed.

Related Objects
Search...

Status	Assigned	Task
Resolved	Dzahn	T165620 Upload gerrit package to stretch apt.wm.org repo
Resolved	Dzahn	T168562 Reimage gerrit2001 as stretch
Resolved	Dzahn	T176532 Gerrit is failing to connect to db on gerrit2001 thus preventing systemd from working
Resolved	Paladox	T214631 Create a plugin that add's recheck as a button to PolyGerrit's ui
Declined	None	T200739 Upgrade to Gerrit 2.16.13
Resolved	Dzahn	T252875 LDAP access request - add Christian Aistleitner to "nda" (or "wmf")

Event Timeline

Dzahn created this task.May 15 2020, 11:00 AM

Restricted Application added a project: SRE. · View Herald TranscriptMay 15 2020, 11:00 AM

Restricted Application added a subscriber: Aklapper. · View Herald Transcript

Dzahn triaged this task as Medium priority.May 15 2020, 11:01 AM

Dzahn added a parent task: T200739: Upgrade to Gerrit 2.16.13.

Dzahn updated the task description. (Show Details)

@KFrancis Could you please contact @QChris to start the NDA process? Or confirm if one already exists (maybe from the past)? Thanks!

@QChris Katie will need some details from you. Sorry if this already happened. The background here is to get you Icinga access as we have talked about.

Dzahn added a subscriber: greg.May 15 2020, 11:06 AM

Paladox added a subscriber: Paladox.May 15 2020, 2:12 PM

@Dzahn, @QChris has an existing NDA on file. Thanks!

Dzahn claimed this task.May 20 2020, 6:20 AM

Thanks @KFrancis

@QChris I added you to the nda group. You should now be able to login to Icinga.

Thanks. Works like a cham now!