Out of curiosity, have you gotten the groups to work in this config?

I have this same setup working, but I can only see groups IFF the user 
already has admin rights  (which is very backwards and useless, as groups 
are mostly meaningless if you are already admin). I opened a bug with LDAP 
plugin (https://issues.jenkins-ci.org/browse/JENKINS-37858)

-M

On Tuesday, September 20, 2016 at 9:49:05 AM UTC-7, Neil White wrote:
>
> I'm running Jenkins 2.21 and I got it running on LDAP with only the 
> following details.
> This is from the config.xml, which you can translate into the frontend.
>
> <server>ipa.example.com</server>
> <rootDN>dc=example,dc=com</rootDN>
> <inhibitInferRootDN>false</inhibitInferRootDN>
> <userSearchBase>cn=users,cn=accounts</userSearchBase>
> <userSearch>uid={0}</userSearch>
> <groupSearchBase>cn=groups,cn=accounts</groupSearchBase>
>
> <groupSearchFilter>memberOf=cn=jenkins,cn=groups,cn=accounts,dc=example,dc=com</groupSearchFilter>
> <groupMembershipStrategy 
> class="jenkins.security.plugins.ldap.FromGroupSearchLDAPGroupMembershipStrategy">
>   <filter></filter>
> </groupMembershipStrategy>
> <managerDN>uid=jenkins,cn=sysaccounts,cn=etc,dc=example,dc=com</managerDN>
>
> <managerPasswordSecret>TRLkkCtAA1X2hAyqXXXXXXXXXXXXXXXXXXXOsJz8Q3txUCTprcl/qTItIFNDrR5x7</managerPasswordSecret>
> <disableMailAddressResolver>false</disableMailAddressResolver>
> <displayNameAttributeName>displayname</displayNameAttributeName>
> <mailAddressAttributeName>mail</mailAddressAttributeName>
> <userIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/>
> <groupIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/>
> </securityRealm>
>
>
>
>
> On Saturday, September 19, 2015 at 1:03:25 PM UTC+2, Yogesh Sharma wrote:
>>
>> Hi List,
>>
>> I am trying to integrate Jenkins with FreeIPA LDAP. Configuration is done 
>> and seems to be OK as there is no error. However, I am not able to 
>> authenticate into the Jenkins using FreeIPA LDAP users.
>>
>> Jenkins logs does not say anything. Tried adding Log Level:
>>
>> org.acegisecurity.providers.ldap.authenticator,org.acegisecurity.providers.ldap.LdapAuthenticationProvider
>>  
>> (WARNING) but does not help.
>>
>> Below is LDAP Config in Jenkins:
>>
>>
>>   root DN [image: Help for feature: root DN] 
>> <http://localhost:8080/configureSecurity/#>
>>   Allow blank rootDN 
>>   User search base [image: Help for feature: User search base] 
>> <http://localhost:8080/configureSecurity/#>
>>   User search filter [image: Help for feature: User search filter] 
>> <http://localhost:8080/configureSecurity/#>
>>
>>  Case sensitivity...
>>   Group search base [image: Help for feature: Group search base] 
>> <http://localhost:8080/configureSecurity/#>
>>   Group search filter [image: Help for feature: Group search filter] 
>> <http://localhost:8080/configureSecurity/#>
>>   Group membership 
>>  Parse user attribute for list of groups 
>>  Search for groups containing user 
>>   Group membership filter 
>>   Manager DN [image: Help for feature: Manager DN] 
>> <http://localhost:8080/configureSecurity/#>
>>   Manager Password [image: Help for feature: Manager Password] 
>> <http://localhost:8080/configureSecurity/#>
>>   Display Name LDAP attribute [image: Help for feature: Display Name 
>> LDAP attribute] <http://localhost:8080/configureSecurity/#>
>>   Email Address LDAP attribute [image: Help for feature: Email Address 
>> LDAP attribute] <http://localhost:8080/configureSecurity/#>
>>   Disable Ldap Email Resolver 
>> Enable cache [image: Help for feature: Enable cache] 
>> <http://localhost:8080/configureSecurity/#>
>>   Environment Properties 
>> Add
>> [image: Help for feature: Environment Properties] 
>> <http://localhost:8080/configureSecurity/#>
>>  Login with Google [image: Help for feature: Login with Google] 
>> <http://localhost:8080/configureSecurity/#>
>>  PWauth Authentication [image: Help for feature: PWauth Authentication] 
>> <http://localhost:8080/configureSecurity/#>
>>  Unix user/group database [image: Help for feature: Unix user/group 
>> database] <http://localhost:8080/configureSecurity/#>
>>
>>

-- 
You received this message because you are subscribed to the Google Groups 
"Jenkins Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to jenkinsci-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jenkinsci-users/00d524dc-7f5d-4792-927f-3d3d173ed5a3%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to