Hard to create an LDAP account
Yesterday I was supporting a newcomer to the GNOME project who needed an LAP account in order help with a survey on surveys.gnome.org. I've been contributing to GNOME for well over a decade, for most of which I have worked on it full time. Yet I struggled and eventually found it impossible to figure out how to create the account.
I had a similar issue a while back trying to give a new contributor access to a document in cloud.gnome.org, which makes me think that this is a more general issue.
Most of the issues seemed to be around documentation so should be fairly easy to fix. Specific issues I encountered...
Hard to find documentation on accounts.gnome.org
- None of my Google searches turned up anything useful, for example "gnome ldap account". It just returns user docs.
- The wiki home page doesn't mention accounts.
- The how to contribute pages don't mention accounts (to be fair, this page needs a rewrite or to be removed).
- The relevant page of the Newcomers guide assumes you're not using ldap.
- None of the services I've looked at mention LDAP or how to create accounts or their login screens. This includes Gitlab, cloud.gnome.org, chat.gnome.org, and account.gnome.org itself.
The documentation is confusing
- The main documentation is found under "Accounts Team". People look for documentation about the service, not the team that's providing it.
- When you do get to Accounts Team, it doesn't mention LDAP and only makes a passing reference to accounts.gnome.org. There's no mention of the various services you can log into or how those accounts are managed. The main thing that you're looking for - instructions for how to create an account - are hidden, buried at the bottom.
- When you do find the correct page again there's no mention of ldap or the different services you can log into. It just mentions Git accounts which, if you aren't looking to use Git, is misleading.
LDAP accounts assume that you're a developer
- The new accounts page says that you need to have submitted "a reasonable number of patches" before applying for an account. This is obviously inappropriate for non-developers.
- As part of requesting an account, you are required to provide a public ssh key. People who are not developers will not have this.
Finally, account requests are done by filing a ticket in Gitlab, which first requires you to log in. This is confusing. The person I was helping got tripped up by it - they thought they now had a GNOME account because they'd logged in to Gitlab. (My personal opinion: someone should be able to use GNOME infrastructure without first having a Google/Github/Gitlab account.)
Suggestions
Some suggestions on how to improve this:
- Rebrand the Accounts Team page, to "GNOME Accounts" or "Infrastructure Accounts" or "Accessing GNOME Services". To this page, add:
- An overview of the accounts and services available, including what can be used through LDAP. Explain that some services, like Gitlab can be used using an external login. Explain when someone should and shouldn't apply for an LDAP account.
- A prominent link to request an account
- To start with, link to the accounts page from the wiki home page and the login pages of each service
It would also be good to investigate the patch and ssh key requirements.