Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-58941

Missing Overall/Read permission when authenticating with LDAP user with a long UID

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Blocker Blocker
    • core, ldap-plugin
    • None
    • * macOS Mojave 10.14.6
      * Jenkins 2.189
      * Latest plugins installed

      This is a really strange bug: we do use a LDAP server to give access to our Jenkins users for years. But for the first time, a user can authenticate successfully, but even if we give him all the rights and permission, he cannot get access to the console nor jobs and projects.

      The only difference with other users is the length of his uid: it's 27 characters long, with only basic letters and one dot. It's something like this (it's not the real one, of course):

      abcdefg.hijklmnopqrstuvwxyz

      When he login, he gets that message:

      abcdefg.hijklmnopqrstuvwxyz is missing the Overall/Read permission

      We cannot change his uid. So we need a fix in Jenkins or in the related plugin.

       

      Thanks! 

          [JENKINS-58941] Missing Overall/Read permission when authenticating with LDAP user with a long UID

          Paul Clark added a comment -

          flabrie, do you think that this is related to the 20 character AD limit (for "legacy" systems)?

          Paul Clark added a comment - flabrie , do you think that this is related to the 20 character AD limit (for "legacy" systems)?

          I don't think so, we have other Java based web applications that works using the same LDAP settings. 

          Francis Labrie added a comment - I don't think so, we have other Java based web applications that works using the same LDAP settings. 

            oleg_nenashev Oleg Nenashev
            flabrie Francis Labrie
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: