Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37856

LDAP Authentication Overall/Read Permissions Missing

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • ldap-plugin
    • Jenkins v1.618
      LDAP Plugin v1.11 & v1.12 (tested both)

      Every few login attempts, our users receive an error that they do not have overall/read permission. These users are part of an LDAP group with Administer permissions.

      The current workaround is to logout and back in until access is given, but this isn't ideal.

      The security section of config.xml is below:

      <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Administer:ldapserviceaccount</permission>
    <permission>hudson.model.Hudson.Administer:ldapgroup</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.plugins.active_directory.ActiveDirectorySecurityRealm" plugin="active-directory@1.42">
    <domain>foo.bar.com</domain>
    <site>wetc</site>
    <bindName>CN=foo,OU=bar,OU=foo,OU=bar,DC=foo,DC=bar,DC=com</bindName>
    <bindPassword>blahblahblah=</bindPassword>
    <groupLookupStrategy>AUTO</groupLookupStrategy>
    <removeIrrelevantGroups>false</removeIrrelevantGroups>
  </securityRealm>
  <disableRememberMe>false</disableRememberMe>

        1. config.xml
          18 kB
        2. Untitled.png
          Untitled.png
          23 kB

            Unassigned Unassigned
            zackwhiteit Zack White
            Votes:
            2 Vote for this issue
            Watchers:
            7 Start watching this issue

              Created:
              Updated: