We use the "Active Directory" plugin to authenticate users and the "Project-based Matrix Authorization Strategy" to grant access to jobs.

In Jenkins "Configure Global Security" we configured that the user "authenticated" can "overall - Read" and nothing else.

Now create a new folder "folder1", and give AD user "user1" all grants on the folder.

Outcome: The user can not see the folder, and can not create new jobs in the folder.

Expected outcome: The user should see the folder when he logs in, and create jobs inside it.

If we give the user "Anonymous" all the grants, it works like expected. But not giving the user "user1" all the grants.