Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-1132

LDAP feature improvements

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Component/s: _unsorted
    • Labels:
      None
    • Environment:
      Platform: All, OS: All
    • Similar Issues:

      Description

      • support group mapping by doing more LDAP queries.
      • allow the credential to be given in case LDAP server doesn't allow anonymouns
        bind for Hudson to query.

        Attachments

          Issue Links

            Activity

            Hide
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in hudson
            User: : kohsuke
            Path:
            trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java
            trunk/hudson/main/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly
            trunk/hudson/main/war/resources/help/security/ldap/managerDN.html
            trunk/hudson/main/war/resources/help/security/ldap/managerPassword.html
            trunk/www/changelog.html
            http://fisheye4.cenqua.com/changelog/hudson/?cs=8,506
            Log:
            [fixed] Supported LDAP server that doesn't allow anonymous bind. In 1.207. (issue #1132)

            Show
            scm_issue_link SCM/JIRA link daemon added a comment - Code changed in hudson User: : kohsuke Path: trunk/hudson/main/core/src/main/java/hudson/security/LDAPSecurityRealm.java trunk/hudson/main/core/src/main/resources/hudson/security/LDAPSecurityRealm/config.jelly trunk/hudson/main/war/resources/help/security/ldap/managerDN.html trunk/hudson/main/war/resources/help/security/ldap/managerPassword.html trunk/www/changelog.html http://fisheye4.cenqua.com/changelog/hudson/?cs=8,506 Log: [fixed] Supported LDAP server that doesn't allow anonymous bind. In 1.207. (issue #1132)
            Hide
            mesc mesc added a comment -

            we tried build 207

            we filled in "root DN" DC=fooCompany,DC=com
            and Manager DN CN=XXXXX,OUT=IT,OUT-Corporate,DC=fooCompany,DC=com
            and Manager Password of course

            but there's appearing (immediatelly on the configure screen, red colored text),
            under "LDAP Server" hostname/IP input textfield

            Unable to connect to 10.33.0.30: javax.Naming.NamingException: [LDAP: error code
            1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this
            operation a successful bind must be completed on the connection., data 0,
            vece?]; remaining name"

            I'm not familiar with LDAP, but a colleague gave me the "root DN" and "Manager
            DN" information ... and we verified, that these settings are okay when using in
            another Java program utilizing LDAP, so I guess my Manager DN/password settings
            are valid ...

            Could you please again look at this - thank you
            Merten

            Show
            mesc mesc added a comment - we tried build 207 we filled in "root DN" DC=fooCompany,DC=com and Manager DN CN=XXXXX,OUT=IT,OUT-Corporate,DC=fooCompany,DC=com and Manager Password of course but there's appearing (immediatelly on the configure screen, red colored text), under "LDAP Server" hostname/IP input textfield Unable to connect to 10.33.0.30: javax.Naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece?]; remaining name" I'm not familiar with LDAP, but a colleague gave me the "root DN" and "Manager DN" information ... and we verified, that these settings are okay when using in another Java program utilizing LDAP, so I guess my Manager DN/password settings are valid ... Could you please again look at this - thank you Merten
            Hide
            karljp karljp added a comment -

            Merten, not sure if it helps or not, but just a FYI, I'm running hudson on suse
            linux, and after some problems with the ldap option, I tried just choosing
            ActiveDirectory, (it is an active directory server that hudson needs to talk
            to) and it worked merrily and happily. I just put in the domain name, and it
            was up and running.

            (This suse linux machine is running inside VMware, and I've no idea what the
            host OS is, maybe it's windows and that's why it works?)

            Just writing because I too read that the AD option can only be chosen for
            windows hudson hosts, but it seems to work just fine on linux hosts as well.

            Show
            karljp karljp added a comment - Merten, not sure if it helps or not, but just a FYI, I'm running hudson on suse linux, and after some problems with the ldap option, I tried just choosing ActiveDirectory, (it is an active directory server that hudson needs to talk to) and it worked merrily and happily. I just put in the domain name, and it was up and running. (This suse linux machine is running inside VMware, and I've no idea what the host OS is, maybe it's windows and that's why it works?) Just writing because I too read that the AD option can only be chosen for windows hudson hosts, but it seems to work just fine on linux hosts as well.
            Hide
            mesc mesc added a comment -

            Hello Karl,

            colleagues of mine tried ActiveDirectory plugin some weeks ago - and it worked
            out pretty well, same as your xperiences - exactly the same, cause they thought
            it not to be a solution for Hudson running on Linux VM
            I forgot to mention that here, so, it's good to have your comments.

            Thanx
            Merten

            Show
            mesc mesc added a comment - Hello Karl, colleagues of mine tried ActiveDirectory plugin some weeks ago - and it worked out pretty well, same as your xperiences - exactly the same, cause they thought it not to be a solution for Hudson running on Linux VM I forgot to mention that here, so, it's good to have your comments. Thanx Merten
            Hide
            kohsuke Kohsuke Kawaguchi added a comment -

            Note the recent improvement on Active Directory plugin which made it work on Linux.

            Show
            kohsuke Kohsuke Kawaguchi added a comment - Note the recent improvement on Active Directory plugin which made it work on Linux.

              People

              Assignee:
              Unassigned Unassigned
              Reporter:
              kohsuke Kohsuke Kawaguchi
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: