Friday, 20 January 2017 12:47

The great Australian citizen 28m Active Directory domain


A Reddit posting says the Australian Government may be looking at Active Directory to authenticate 28 million Australian citizens in a future public-facing website.

The sysadmin subreddit was intrigued, entertained and even stunned when user an-anarchist posted for help on setting up external Active Directory authentication for 28+ million users. That's right, 28,000,000 users.

Reddit users probed what was the actual use case for such a scenario? Why that's the population of an entire country, posters mused, and before long Internet sleuths uncovered an-anarchist was indeed working on behalf of the Australian Government.

The project, he explained, was for external authentication such as may be used on a public-facing website, rather than an internal network of users and file shares and printers and email. He further confirmed the project is entire "country level."

The poster denied the system was for the Australian Tax Office but did not reply to a question asking if it was Census related.

Further probing resulted in an explanation this solution necessitated Active Directory because that was the recommendation external contractors came up with over a year of work, before handing it to an-anarchist and team to implement in several weeks. The user touted security compliance as the greatest reason why Active Directory had been mandated.

The price of external Active Directory connector licensing was estimated in the topic to be $300,000 alone, with one happy Microsoft salesman no doubt delighted to be awarded such a contract in the public sector market.

Fortunately, an-anarchist stated they were up for the challenge and that it was an "interesting project", though he/she conceded management was "aware of how bad it is but are hoping this car about to drive off a cliff can grow wings".

The consultant's designs called for a full "cluster" with two virtual machines, each having two virtual CPUs and 4GB of RAM. The second virtual machine was for replication only. "Luckily we get to actually build this how we want," the user stated.

The posting went on to explain the infrastructure would be two sites with only a single 100Mbit VPN connection per site. Some data would be pre-populated but all users would need account initialisation, causing an initial "big bang" of data flow.

Readers continued to recommend Microsoft be involved while lamenting management tendencies to present solutions, rather than problems, to technical folk.

While forum postings are not, in themselves, official statements, let's not forget the infamous 2014 Reddit post where a Clinton systems administrator sought advice in stripping out a "very VIP" email address from a bunch of archived emails. Fast forward to 2016 and this posting was unearthed as relating to Hillary Clinton's use of an unauthorised e-mail server while US Secretary of State.

In time, will we see this Reddit post surface when we speak of the revived Australia card? The tremendous success of the 2021 Census? The single Australian email server? The Department of Immigration tracking system? Time will tell ...


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.



Recent Comments