Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50128

LDAP permissions working for users but not groups


    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Not A Defect
    • Component/s: ldap-plugin
    • Labels:
    • Environment:
      Jenkins 2.60.2
      LDAP plugin 1.11 (initially had 1.18 but tried reverting to a previous version)
      Matrix Authorization Strategy 1.6 (also tried 2.1)
    • Similar Issues:


      I have connected Jenkins to our LDAP server in order to manage permissions for users and groups via the security matrix. Currently it is working for individual user accounts but not for groups.
      When I add an LDAP group to the matrix, it shows the group icon next to the group-name (meaning it found the group in LDAP), but when users that are members of that group log in to Jenkins, they only have Anonymous permissions.

      I have ran the groovy script given on the LDAP plugin page here: https://plugins.jenkins.io/ldap

      When given a valid groupname, it will return:

      It is a GROUP: hudson.security.LDAPSecurityRealm$GroupDetailsImpl@2fb6ea7d

      I've tried modifying the loadGroupbyGroupname line and added another line to try and get the members in the group:

      println(" It is a GROUP: " + Jenkins.instance.securityRealm.loadGroupByGroupname(name, true)) 
      println(" Members are : " + Jenkins.instance.securityRealm.loadGroupByGroupname(name).getMembers())

      But those commands only return:

      It is a GROUP: hudson.security.LDAPSecurityRealm$GroupDetailsImpl@5f1013d0 
      Members are : null

      How can I get the members in the LDAP group and get these LDAP groups working in Jenkins?



          There are no comments yet on this issue.


            • Assignee:
              kohsuke Kohsuke Kawaguchi
              sgardner661 Steven Gardner
            • Votes:
              0 Vote for this issue
              1 Start watching this issue


              • Created: