this post was submitted on 02 May 2026
People Twitter

wizardbeard@lemmy.dbzer0.com 17 points 7 hours ago

It's not always for lack of trying. I spent a year or so building the integration (from a box of scraps!) between the shiny new HR system and our IDP. This integration was supposed to be functional out of the box according to the HR system salesgoblin. It didn't just need to be configured, it needed to be built from scratch because they didn't actually support hybrid AD/Entra setups managed from the AD side. Which was only the unofficial standard for Windows-based shops at the time.

Anyway, I wanted to make it grant employees access to shit based off a combo of Job Title and Department. On a technical level, it's basic baby stuff. Concatenate the Dept and Title into a string, use that as the key to a hashtable with the access they need listed. Bish bash bosh, bob's your uncle.

It would have been a cakewalk compared to all the shit I had to build for handling separations and all the data retention shit around those.

But none of the department managers could actually tell us what the fuck their workers needed access to. Like maybe 3% had any idea at all. And I didn't have the team or time to try and do data analytics across the access of everyone at the company just to get an unreliable best guess.

So it just handles setting new hires up with the basic access everyone gets and separations. Still a savings of ~1 hour per employee.


It's been something like 7 years since I built that integration. They're finally going to replace it with a true access management platform. It's cost them multiple millions so far, has an entire new department dedicated to the thing, it has been "in-progress" for two years, and it still hasn't replaced my shit yet.

My favorite part is when they come to me months into something they're trying to get working, and I'm able to point them at where they made mistaken assumptions at the first step leading to the mess they're currently in.

I provided a ton of in-depth notes on our current standards, the weird gotchas/deviations, every single stumbling block and edge case I had found, all the seemingly logical and safe assumptions that don't actually hold. I don't think they read any of it. I keep asking them to reach out before they start working on a new piece of functionality. They don't.

So now I get to tell them things like "that assumption you built this piece of logic off of will bite you in the ass in this specific way", they say they'll take it under consideration, and I laugh knowing this whole project will probably implode under the weight of incorrect assumptions before it's finished.