Manuel Merz (Wikitech user: Manuel Merz (WMDE), shell username and LDAP uid: manuel-wmde) is no longer a WMDE employee. As a WMDE Engineering Manager I request offboarding from WMF systems.
Potentially incomplete list of permissions involved:
- Disable Phabricator account @Manuel
- Disable Wikitech account
- Remove from wmde LDAP group
- Remove from nda LDAP group
- Revoke production shell access (to confirm, I am not sure he was granted it)
- Revoke WMF Analytics Data access (groups analytics-wmde-users, analytics-privatedata-users, airflow-wmde-admin)
- Adjust priviliged LDAP access (data.yaml)
- Revoke permission to create Phabricator projects (acl*Project-Admins)
- Revoke permissions to access security Phabricator tasks (acl*security) (acl*security_wmde already revoked by the WMDE staff)
- Revoke permissions to access private Phabricator tasks (WMF-NDA)
We might have missed some additional permissions that the user might have been granted. I'd appreciate if WMF staff audited that the person no longer have any staff-related access to WMF systems.