Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-37856

LDAP Authentication Overall/Read Permissions Missing

    Details

    • Similar Issues:

      Description

      Every few login attempts, our users receive an error that they do not have overall/read permission. These users are part of an LDAP group with Administer permissions.

      The current workaround is to logout and back in until access is given, but this isn't ideal.

      The security section of config.xml is below:

      <useSecurity>true</useSecurity>
        <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
          <permission>hudson.model.Hudson.Administer:ldapserviceaccount</permission>
          <permission>hudson.model.Hudson.Administer:ldapgroup</permission>
        </authorizationStrategy>
        <securityRealm class="hudson.plugins.active_directory.ActiveDirectorySecurityRealm" plugin="active-directory@1.42">
          <domain>foo.bar.com</domain>
          <site>wetc</site>
          <bindName>CN=foo,OU=bar,OU=foo,OU=bar,DC=foo,DC=bar,DC=com</bindName>
          <bindPassword>blahblahblah=</bindPassword>
          <groupLookupStrategy>AUTO</groupLookupStrategy>
          <removeIrrelevantGroups>false</removeIrrelevantGroups>
        </securityRealm>
        <disableRememberMe>false</disableRememberMe>
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              zackwhiteit Zack White
            • Votes:
              2 Vote for this issue
              Watchers:
              7 Start watching this issue

              Dates

              • Created:
                Updated: