Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-65117

LDAP Plugin with 'Dn inconsistent' message using ActiveDirectory


    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Minor Minor
    • ldap-plugin
    • None
    • Jenkins: 2.277.1
      OS: Windows Server 2016 - 10.0
      Tomcat 8.5

      We are using the LDAP plugin to authenticate the users against MS Active Directory.

      If I test the LDAP settings we get this warning message (see also the picture: Dn_inconsistent_example.png):

      Dn inconsistent (login cn=User Xyz,ou=Employees,ou=Example AG,dc=example,dc=com versus lookup CN=User Xyz,OU=Employees,OU=Example AG,DC=example,DC=com)

      In your code I saw you just string compare the both 'inputs'. Is it important for other LDAP backends (like OpenLDAP) to do this check case sensitive? Is "DC=", "OU=" and so on case sensitive? I don't know the details here.

      What are the implications for running Jenkins when I get such a message?

            teilo James Nord
            klno Klaus
            1 Vote for this issue
            6 Start watching this issue