Hi, is there any reason this wouldn't work in conjunction with LDAP? In global configuration 'Project-based Matrix Authorization Strategy' is selected. With an entry ROLE_PROJECT_ACCESS that maps to an LDAP posix group (projectAccess) authorization works as expected, but the users can see all jobs.
In the job configuration 'Enable project-based security' is checked and going with ROLE_PROJECT_ACCESS (trying to map to same LDAP group that worked on global level). Removing the global entry and leaving just the job level configuration users cannot login anymore and get the error '... is missing the read permission'.
Maybe the job level configuration isn't aware of the LDAP nomenclature? Running Jenkins 1.446 on Ubuntu / Jetty.