The sysadmin subreddit was intrigued, entertained and even stunned when user an-anarchist posted for help on setting up external Active Directory authentication for 28+ million users. That's right, 28,000,000 users.
Reddit users probed what was the actual use case for such a scenario? Why that's the population of an entire country, posters mused, and before long Internet sleuths uncovered an-anarchist was indeed working on behalf of the Australian Government.
The project, he explained, was for external authentication such as may be used on a public-facing website, rather than an internal network of users and file shares and printers and email. He further confirmed the project is entire "country level."
Further probing resulted in an explanation this solution necessitated Active Directory because that was the recommendation external contractors came up with over a year of work, before handing it to an-anarchist and team to implement in several weeks. The user touted security compliance as the greatest reason why Active Directory had been mandated.
The price of external Active Directory connector licensing was estimated in the topic to be $300,000 alone, with one happy Microsoft salesman no doubt delighted to be awarded such a contract in the public sector market.
Fortunately, an-anarchist stated they were up for the challenge and that it was an "interesting project", though he/she conceded management was "aware of how bad it is but are hoping this car about to drive off a cliff can grow wings".
The consultant's designs called for a full "cluster" with two virtual machines, each having two virtual CPUs and 4GB of RAM. The second virtual machine was for replication only. "Luckily we get to actually build this how we want," the user stated.
The posting went on to explain the infrastructure would be two sites with only a single 100Mbit VPN connection per site. Some data would be pre-populated but all users would need account initialisation, causing an initial "big bang" of data flow.
Readers continued to recommend Microsoft be involved while lamenting management tendencies to present solutions, rather than problems, to technical folk.
While forum postings are not, in themselves, official statements, let's not forget the infamous 2014 Reddit post where a Clinton systems administrator sought advice in stripping out a "very VIP" email address from a bunch of archived emails. Fast forward to 2016 and this posting was unearthed as relating to Hillary Clinton's use of an unauthorised e-mail server while US Secretary of State.
In time, will we see this Reddit post surface when we speak of the revived Australia card? The tremendous success of the 2021 Census? The single Australian email server? The Department of Immigration tracking system? Time will tell ...