I have created a global role "CI_TestRole" on Folder Authorization Strategy area with "overall/read" permissions and also a folder "CI_TestRole" assigned to "Folder A" and all folder permissions.

Instead of assigning it on Jenkins (by SID) I need to do it by LDAP. The problem is that I assign a role with the same name on LDAP for the users and when they try to log in they get:

Access Denied

user is missing the Overall/Read permission

When I enter my_jenkins_instance/whoAmI and under "Authorities" I can see:

• "CI_TestRole"
• "authenticated"

This works with other plugins such as Matrix Authorization plugin and seems like a bug to me.

I also did not find anything on the documentation of the plugin regarding LDAP user management. I noticed that when I changed to the Folder Authorization Strategy it automatically creates a global admin rule and assigned my LDAP username to it.