Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-12607

Active directory user names should not be case sensitive.

    XMLWordPrintable

Details

    Description

      Active directory user names should not be case sensitive. For example if I add the user "paul" then I would expect to be able to also login as "Paul", "pAul" or any other case combination.

      At the moment this won't match any user name and fail to login the user in, or worse match none and apply "authenticated user" permissions. This seems to confuse a lot of users.

      If there is a use case where case sensitivity is required then I think there should be a toggle option to enable or disable it.

      Attachments

        Issue Links

          is related to

          New Feature - A new feature of the product, which has yet to be developed. JENKINS-22247 Provide an extension point to define user id case sensitivity contract

          • Major - Major loss of function.
          • Resolved

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-19409 Support case-insensitive mode for user IDs

          • Critical - Crashes, loss of data, severe memory leak.
          • Reopened

          Improvement - An improvement or enhancement to an existing feature or task. JENKINS-17674 Expand SecurityRealm to support case insensitivity better

          • Major - Major loss of function.
          • Resolved

          Activity

            Ascending order - Click to sort in descending order
            View 17 older comments
            hieber Thomas Hieber added a comment -

            Same Problem here. The Workaround at the moment: You can enter the user to Jenkins usermanagement with upper or lowercase or any combination of upper and lowercase and it will always be found in Active Directory.
            They will ALWAYS be able to log in and they will always receive the rights given by their groups, but they do only receive individual rights if the name is entered exactly as set in Jenkins user Management.
            So you can tell your users to always use the same combination of upper and lowercase to log in or you can give them rights only based in groups. (which may lead to the need to do administration in LDAP which may or may be not possible for the Jenkins administrators)

            hieber Thomas Hieber added a comment - Same Problem here. The Workaround at the moment: You can enter the user to Jenkins usermanagement with upper or lowercase or any combination of upper and lowercase and it will always be found in Active Directory. They will ALWAYS be able to log in and they will always receive the rights given by their groups, but they do only receive individual rights if the name is entered exactly as set in Jenkins user Management. So you can tell your users to always use the same combination of upper and lowercase to log in or you can give them rights only based in groups. (which may lead to the need to do administration in LDAP which may or may be not possible for the Jenkins administrators)
            mcsf M Chon added a comment -

            Switched to using LDAP a while back. (De-installed the Active Directory plugin).
            Very happy with LDAP.

            mcsf M Chon added a comment - Switched to using LDAP a while back. (De-installed the Active Directory plugin). Very happy with LDAP.
            hieber Thomas Hieber added a comment -

            We had the described ussues with the LDAP plugin, not with the Active Directory plugin - sorry for the confusion.

            hieber Thomas Hieber added a comment - We had the described ussues with the LDAP plugin, not with the Active Directory plugin - sorry for the confusion.
            jasonschoon Jason Schoon added a comment -

            What would it take to get this under investigation or implemented? This appears to have been an issue for nearly 4 years, and it impacts our organization everytime not just someone new is added, but anytime they forgot to login with the exactly correct case. Not because they get rejected, but because they get in but have the wrong rights. That's a bad combination.

            jasonschoon Jason Schoon added a comment - What would it take to get this under investigation or implemented? This appears to have been an issue for nearly 4 years, and it impacts our organization everytime not just someone new is added, but anytime they forgot to login with the exactly correct case. Not because they get rejected, but because they get in but have the wrong rights. That's a bad combination.
            oleg_nenashev Oleg Nenashev added a comment -

            jasonschoon Jenkins is an open-source project. If you need this feature, the best way to get progress on it is to propose a pull request to the plugin. Maybe fbelzunc has some plans regarding this change.

            oleg_nenashev Oleg Nenashev added a comment - jasonschoon Jenkins is an open-source project. If you need this feature, the best way to get progress on it is to propose a pull request to the plugin. Maybe fbelzunc has some plans regarding this change.

            People

              Unassigned Unassigned
              paulm Paul M
              Votes:
              25 Vote for this issue
              Watchers:
              29 Start watching this issue

              Dates

                Created:
                Updated: