
Small-Scale Question Sunday for May 7, 2023

Do you have a dumb question that you're kind of embarrassed to ask in the main thread? Is there something you're just not sure about?

This is your opportunity to ask questions. No question too simple or too silly.

Culture war topics are accepted, and proposals for a better intro post are appreciated.


No, it's more like:

  • stage 1: "when you receive an incident about no access, it should contain the number of the access request ticket. If it doesn't, click this button and ask the user for it. Copy the number and open it in the incident management system. The bot should have written the list of groups in this field. If the names of the groups don't immediately tell you which one is responsible for the access, open the document at that link and find the description of the groups there. Open AD, get the CN of the user from that field, put it in like this and look at the groups they are a member of. If they are a member..."

  • stage 2: "as you've noticed, we use AD membership for both authN and authZ. There are a few issues with the pipeline. First, the author of the access control document can make a mistake when filling in the request ticket template. Then, the ticket software itself is still barely out of the MVP stage and has some integration errors with the incident management system. Finally, our authZ backend has terrible UX for the access admins. Now you can see why there is a constant trickle of tickets 2LS can't handle and why we handle it the way it is. We have a meeting with the head of 2LS later today, here's what I'm going to ask from them to minimize the flow, do you have any suggestions?"

  • stage 3: "I really like your idea about automatically validating our access control document against AD and turning it into the ticket template and I want to ask you to drive it forward. If you want, I can sit with you on the first few meetings to demonstrate my support, but I am completely sure you can handle everything else. You know what to do when they invariably ask for money, we've handled this together when we restructured our authZ backend"

  • stage 4: "Any new issues with authZ? Great, let me know if you can be done with it by the next Thursday, I've emailed you the new idea our infosec came up with"