Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-69123

[LDAP] - I'm not able to use DN of groups


    • Bundles management UI Sprint


      I'm trying to set an jenkins environment configured with ldap-plugin. 

      My configuration is pretty simple and working for the log-in to the UI. 


      I want to use groups by DN, I means I'm working for a company that manage the rights (RO, RW...) by the same group name but in a different OU. 

      The context is ; 

      dn : cn=admin, ou=<ACCOUNT_ID>, dc=test, dc=local


      But I'm just able to add group with the CN. For example If i'm trying to add a group, it works only if I try to add "admin" but not with "cn=admin, ou=<ACCOUNT_ID>, dc=test, dc=local"

      My problem is I have 100x the group "admin" in my ldap-server. So Jenkins will try to use the first result ? 


      In the ldap-plugin documentation I see :

      Note: in this field there are two available substitutions:
      {0} - the fully qualified DN of the user
      {1} - the username portion of the user 

      So I tried to set the groupfilter to cn={0} If I understand the documentation that result cn = dn but its not working.


      Here is an example of ldapsearch on my ldap-server : 

      dn: cn=clusteradmin,ou=454g54-gre45,ou=test,ou=Perimeers,cn=ApplicationContext,dc=localuniqueMember: uid=grger,ou=Users,dc=local
      uniqueMember: uid=gerger,ou=Users,dc=localuuid: afrf-52fe-fezcvd2s-fdsdv
      accountId: afrf-52fe-fezcvd2s-fdsdvcn: clusteradminobjectClass: testRole
      objectClass: groupOfUniqueNames
      objectClass: top 


      Can you help on that its very urgent please

            Unassigned Unassigned
            kilz78 Guillaume LE MAREC
            0 Vote for this issue
            3 Start watching this issue