Mozillians/One Phonebook to Rule Them All: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
Line 21: Line 21:
# '''Contributor-Facing Services''': <strike>cvs.mozilla.org,</strike> hg.mozilla.org, svn.mozilla.org, bzr.mozilla.org
# '''Contributor-Facing Services''': <strike>cvs.mozilla.org,</strike> hg.mozilla.org, svn.mozilla.org, bzr.mozilla.org
# '''Staff-Only Services''': Wifi, Vidyo, Zimbra, Shell servers
# '''Staff-Only Services''': Wifi, Vidyo, Zimbra, Shell servers
# '''Zimbra''': location and employee-status based distribution lists are generated from LDAP
# '''All "internal" Mozilla websites'''
# '''All "internal" Mozilla websites'''
#* intranet.mozilla.org
#* intranet.mozilla.org

Revision as of 17:24, 18 April 2012

Goal

Have only one Mozillian Phonebook by deprecating the Internal Phonebook and off-load its capabilities to other systems.

Needs

Mozillians Phonebook

  1. All fields in the Internal Phonebook are in the Mozillians Phonebook.

Contributor Authentication LDAP Services

  1. Mozillians Phonebook should be able to share Vouched Mozillians (and greater levels) with our MozSpaces pieces of functionality (Wi-Fi and Vidyo)

LDAP Service

  1. Mozillians Phonebook should be able to determine who is an employee using an @mozilla.com, @mozilla.org (there are non- or ex-employees with @mozilla.org) or @mozillafoundation.org e-mail account
    1. This is a little more complicated. Contractors get @mozilla.com addresses but aren't employees. Auto-generated Zimbra lists use the employeeType to generate lists.
    2. employeeType will be auto-populated from Workday
    3. Employee (paid staff) isn't based on email address
  2. Mozillians Phonebook should be able to determine who has committer access to cvs.mozilla.org, hg.mozilla.org, svn.mozilla.org, bzr.mozilla.org

Analysis

LDAP Usages

  1. Contributor-Facing Services: cvs.mozilla.org, hg.mozilla.org, svn.mozilla.org, bzr.mozilla.org
  2. Staff-Only Services: Wifi, Vidyo, Zimbra, Shell servers
  3. Zimbra: location and employee-status based distribution lists are generated from LDAP
  4. All "internal" Mozilla websites
    • intranet.mozilla.org
    • metrics.mozilla.com
    • mana.mozilla.org
    • ganglia.mozilla.org
    • nagios.mozilla.org
    • arecibo.mozilla.org
    • graphite.mozilla.org
    • ldap.mozilla.org
    • inventory.mozilla.org
    • various others used by small teams internally
  5. General Linux server logins - Too many to list - somewhere around 100 machines
  6. Source of truth for all internal server security - sysadmin accounts for all servers and root access managed by LDAP
  7. Postini
  8. Egnyte (not production yet)
  9. vpn.mozilla.com/org
  10. mpt-vpn.mozilla.org (OpenVPN)
  11. blog.mozilla.org
  12. video.mozilla.org WebDAV access
  13. Single-signon (soon)
    • Workday
    • jobvite
    • bill.com
    • egencia
    • intacct
    • ... more...

Profile Fields between Phonebooks

In order to replace the current internal phonebook, there are a number of fields that are missing from the Mozillian Phonebook that will need to be added for paid staff employees (suggesting a permissions system placed onto the Phonebook). A lot of these fields can be generalized for contributors, but other will need to be restricted access to only paid staff. On a related topic, it may be possible to parse for verification of paid staff as actual paid staff on Mozillians via our internal systems.

Retrieved from "https://wiki.allizom.org/index.php?title=Mozillians/One_Phonebook_to_Rule_Them_All&oldid=421502"