This is a really strange bug: we do use a LDAP server to give access to our Jenkins users for years. But for the first time, a user can authenticate successfully, but even if we give him all the rights and permission, he cannot get access to the console nor jobs and projects.
The only difference with other users is the length of his uid: it's 27 characters long, with only basic letters and one dot. It's something like this (it's not the real one, of course):
When he login, he gets that message:
abcdefg.hijklmnopqrstuvwxyz is missing the Overall/Read permission
We cannot change his uid. So we need a fix in Jenkins or in the related plugin.