Identity management service to centralize account creation/settings, access groups for Wikimedia Developer accounts.
See https://wikitech.wikimedia.org/wiki/IDM
As of 2023, stewarded by Infrastructure-Foundations
Details
Details
Fri, Oct 3
Fri, Oct 3
hashar added a comment to T388662: Disable BarryTheBrowserTestBot LDAP account.
I can confirm the BarryTheBrowserTestBot account is now inactive in Gerrit. From the All-Users.git database:
$ git show commit 94c67416a2c1adc8bde631e6c9e72701915e424f (HEAD -> users/53/2653, origin/users/53/2653) Author: [BOT] Gerrit Code Review <gerrit@wikimedia.org> Date: Fri Oct 3 06:39:58 2025 +0000
Stashbot added a comment to T388662: Disable BarryTheBrowserTestBot LDAP account.
Mentioned in SAL (#wikimedia-releng) [2025-10-03T06:42:11Z] <hashar> gerrit set-account BarryTheBrowserTestBot --inactive # T388662 T390070
hashar added a comment to T388662: Disable BarryTheBrowserTestBot LDAP account.
As part of this task I found out that the logic to ban an account in Gerrit was not migrated from the wikitech-l MediaWiki hook to Bitu. Blocks were ineffective. I went to implement support for blocking users in Gerrit by porting the PHP code to Python. This was done via T390070
Tue, Sep 23
Tue, Sep 23
Maintenance_bot removed a project from T404430: Bitu: In account blocking also allow to remove an email address: Patch-For-Review.
gerritbot added a comment to T404430: Bitu: In account blocking also allow to remove an email address.
Change #1190198 merged by jenkins-bot:
[operations/software/bitu@master] User Block: Add option for unsetting email address
Mon, Sep 22
Mon, Sep 22
gerritbot added a comment to T404430: Bitu: In account blocking also allow to remove an email address.
Change #1190198 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] User Block: Add option for unsetting email address
Thu, Sep 18
Thu, Sep 18
Maintenance_bot removed a project from T403691: Only make permissions requestable once: Patch-For-Review.
gerritbot added a comment to T403691: Only make permissions requestable once.
Change #1189390 merged by jenkins-bot:
[operations/software/bitu@master] Release version 0.1.13
gerritbot added a comment to T403691: Only make permissions requestable once.
Change #1189390 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Release version 0.1.13
Wed, Sep 17
Wed, Sep 17
Maintenance_bot removed a project from T403691: Only make permissions requestable once: Patch-For-Review.
gerritbot added a comment to T403691: Only make permissions requestable once.
Change #1188719 merged by jenkins-bot:
[operations/software/bitu@master] Permissions: Prevent duplicate permission requests
Tue, Sep 16
Tue, Sep 16
SLyngshede-WMF changed the status of T403691: Only make permissions requestable once from Open to In Progress.
gerritbot added a comment to T403691: Only make permissions requestable once.
Change #1188719 had a related patch set uploaded (by Slyngshede; author: Slyngshede):
[operations/software/bitu@master] Permissions: Prevent duplicate permission requests
Fri, Sep 12
Fri, Sep 12
MoritzMuehlenhoff triaged T404430: Bitu: In account blocking also allow to remove an email address as Low priority.
Mon, Sep 8
Mon, Sep 8
Sun, Sep 7
Sun, Sep 7
striker_admin@m5-master.eqiad.wmnet(striker)> update labsauth_labsuser set sulname = null, sulemail = null, oauthtoken = null, oauthsecret = null where shellname = 'josef1992'; Query OK, 1 row affected (0.002 sec) Rows matched: 1 Changed: 1 Warnings: 0
bd808 added a comment to T403906: Unlink SUL account JosefAnthony from Developer account josef1992.
Neither Developer account has been linked with a SUL account via Bitu (idm.wikimedia.org).
Aklapper renamed T403906: Unlink SUL account JosefAnthony from Developer account josef1992 from Request to remove duplicate Wikimedia Developer account josef1992 linked to Wikimedia account JosefAnthony to Unlink SUL account JosefAnthony from Developer account josef1992.
JJMC89 edited projects for T403906: Unlink SUL account JosefAnthony from Developer account josef1992, added: Bitu, cloud-services-team; removed Wikimedia-Site-requests, Cloud-Services.
Sep 4 2025
Sep 4 2025
Aug 28 2025
Aug 28 2025
SLyngshede-WMF added a comment to T392350: Logging out of idm does not log me out.
@Arendpieter Yes, that's the same issue, and you are correct that the fix needs to go into the cas-overlay-template repo as it's an update/bugfix in Apereo CAS, which runs idp.wikimedia.org (not to be confused with idm.wikimedia.org).
Arendpieter added a comment to T392350: Logging out of idm does not log me out.
Aug 18 2025
Aug 18 2025
SLyngshede-WMF triaged T401731: Permission request emails need additional line breaks as Low priority.
SLyngshede-WMF triaged T401720: Pending permission request pages should render line breaks as Low priority.
Aug 12 2025
Aug 12 2025
Novem_Linguae updated the task description for T401731: Permission request emails need additional line breaks.
Jul 20 2025
Jul 20 2025
I am not sure there was a follow up on this but after it was restarted, it was all working fine for a week so I am going to close this as fixed.
Aklapper added a comment to T399356: https://idp.wikimedia.org/ down.
What was found out on Monday?
Jul 14 2025
Jul 14 2025
Maintenance_bot removed a project from T355663: Allocate more available UNIX UIDs for human users: Patch-For-Review.
gerritbot added a comment to T355663: Allocate more available UNIX UIDs for human users.
Change #1169250 merged by Ssingh:
[operations/puppet@production] admin: schema.yaml: bump max for uid
gerritbot added a comment to T355663: Allocate more available UNIX UIDs for human users.
Change #1169250 had a related patch set uploaded (by Ssingh; author: Ssingh):
[operations/puppet@production] admin: schema.yaml: bump max for uid
gerritbot added a comment to T355663: Allocate more available UNIX UIDs for human users.
Change #1169235 merged by Ssingh:
[operations/puppet@production] admin: data_test.py: bump system_uid_max to 499999
gerritbot added a project to T355663: Allocate more available UNIX UIDs for human users: Patch-For-Review.
gerritbot added a comment to T355663: Allocate more available UNIX UIDs for human users.
Change #1169235 had a related patch set uploaded (by Ssingh; author: Ssingh):
[operations/puppet@production] admin: data_test.py: bump system_uid_max to 499999
Jul 13 2025
Jul 13 2025
Peachey88 added a comment to T399356: https://idp.wikimedia.org/ down.
wikimedia-sre
<marostegui> idp is down? <marostegui> I get icinga or orchestrator with: upstream connect error or disconnect/reset before headers. retried and the latest reset reason: connection failure <marostegui> https://idp.wikimedia.org/ is down yep <marostegui> https://phabricator.wikimedia.org/T399356 created this <moritzm> marostegui: I've restarted Tomcat and it's working again, I'll have a closer log at the logs on Monday <marostegui> moritzm: thank you <3
Jul 12 2025
Jul 12 2025
joanna_borun added a comment to T399356: https://idp.wikimedia.org/ down.
IDP seems to be back to normal. Decreasing the priority and leaving the investigation for Monday.
Willy1018 added a comment to T399356: https://idp.wikimedia.org/ down.
It seems to be normal now, are you still having problems?
Jul 9 2025
Jul 9 2025
fnegri moved T364605: Move Striker to Bitu username validation API from In progress to Done on the cloud-services-team (FY2024/2025-Q3-Q4) board.
Jul 8 2025
Jul 8 2025