[JIRA] (JENKINS-58941) Missing Overall/Read permission when authenticating with LDAP user with a long UID

[clarkste...@gmail.com (JIRA)]

Title: Message Title


 
 
 
 

 
 
 

 
   
 Paul Clark commented on  JENKINS-58941  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: Missing Overall/Read permission when authenticating with LDAP user with a long UID
 

  
 
 
 
 

 
 Francis Labrie, do you think that this is related to the 20 character AD limit (for "legacy" systems)?  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian Jira (v7.13.6#713006-sha1:cc4451f)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Jenkins Issues" group.
To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-issues+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-issues/JIRA.201285.1565806846000.5373.1578524400392%40Atlassian.JIRA.

[JIRA] (JENKINS-58941) Missing Overall/Read permission when authenticating with LDAP user with a long UID

[flabrie (JIRA)]

Title: Message Title


 
 
 
 

 
 
 

 
   
 Francis Labrie created an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Jenkins /  JENKINS-58941  
 
 
  Missing Overall/Read permission when authenticating with LDAP user with a long UID
 

  
 
 
 
 

 
Issue Type: 
  Bug  
 
 
Assignee: 
 Oleg Nenashev  
 
 
Components: 
 core, ldap-plugin, role-strategy-plugin  
 
 
Created: 
 2019-08-14 18:20  
 
 
Environment: 
 * macOS Mojave 10.14.6  * Jenkins 2.189  * Latest plugins installed  
 
 
Priority: 
  Blocker  
 
 
Reporter: 
 Francis Labrie  
 

  
 
 
 
 

 
 This is a really strange bug: we do use a LDAP server to give access to our Jenkins users for years. But for the first time, a user can authenticate successfully, but even if we give him all the rights and permission, he cannot get access to the console nor jobs and projects. The only difference with other users is the length of his uid: it's 27 characters long, with only basic letters and one dot. It's something like this (it's not the real one, of course): abcdefg.hijklmnopqrstuvwxyz When he login, he gets that message: abcdefg.hijklmnopqrstuvwxyz is missing the Overall/Read permission We cannot change his uid. So we need a fix in Jenkins or in the related plugin.   Thanks!