The IT department complains that my Jenkins server is performing unsecure requests over a clear text (non-SSL/TSL encrypted) LDAP connection. However, I'm not using LDAP, I'm using active directory to authenticate users. How is this possible?
Configuration of the Active Directory Security Realm:
- TLS Configuration: JDK TrustStore
- StartTLs is enabled
- Test domain returns success
- Group membership is using "Token-Groups users attribute" as the default LDAP_MATCHING_RULE_IN_CHAIN might fall back to LDAP
- Remove irrelevant groups is enabled
- Use Jenkins Internal Database is disabled
- Cache is enabled with 256 elements and 10 minutes TTL
What is causing these LDAP requests or how can I stop them?