Fi 🏳️⚧️Hey so how's ActiveDirectory going to implement that OS-based age-flag horseshit?
nyanbinary
@munin giving a kid access to an AD environment must be some form of child abuse, right?
afaik the law makes no exemptions for business systems used, presumably, entirely by adults.
So now, everyone's AD installs have to attest to their age; It's The Law after all.
So your temporarily instantiated admin account you're using to modify a service - that's going to need to attest you're over 18.
Is it going to pull that information from HR? is it going to make you answer a dialogue when you login? How is this going to be implemented in business systems that are, again, almost guaranteed to be only used by adults?
@munin fwiw, its not entirely by adults, we have the odd minor on an internship/trainee - rare but still enough the assumption doesn't hold.
The entire thing is ... technically conceptually easy, good luck implementing it: Add another field to users, then adapt all your automations to pull/maintain that field. Chances are you already have an information flow from your HR system (as the employment single source of truth) to your AD re: account creation & disabling. Same with admins: I sure hope you can track temporary accounts to their instantiators/initiators, "just" gotta update those tools now 
It's all so fucking stupid & unnecessary. It's such a bad law, even just technically, feels like not a single person who has ever used anything other than an IPad was involved in writing it.
@munin it's so fucking useless, istg, we should just pull out of CA, chances are any changes to implement this thing would cost us more than we make in the state...
@munin oh lol, I just realized... local accounts on firewalls and shit...
GunChleoc@nyanbinary @munin Good point. When is www-data's birthday again?