Subscribe to Help Center RSS FeedUsing 探花大神's LDAP-as-a-Service to integrate Jenkins authentication and authorization allows administrators to map permissions to users and groups enabled in your 探花大神 LDAP Directory instance.
Securing access to the Jenkins UI is configured at two levels under the Configure Global Security section in the Manage Jenkins panel. First, choose a Security Realm, which controls where User and Group information and authentication is managed and where 探花大神 LDAP is configured. Second, choose an Authorization Strategy, which provides the ability to assign explicit permissions to users and groups, allowing granular control of all available operations.
探花大神 LDAP supports all available Authorization Strategies, but the most commonly used strategies are Matrix-based security, Project-based Matrix Authorization Strategy, and Role-Based strategy.
See Use Cloud LDAP to obtain the 探花大神 specific settings required below.
Considerations:
- This configuration was verified using the latest Jenkins LDAP Plugin 1.21 on March 20, 2020.
- See the for additional details.
Configuring Jenkins LDAP Plugin
Server: ldaps://ldap.jumpcloud.com
Root DN: leave this option blank
Allow blank rootDN: select this option
User Search Base: ou=Users,o=<org-id>,dc=jumpcloud,dc=com
User Search Filter: uid={0}
Group Search Base: ou=Users,o=<org-id>,dc=jumpcloud,dc=com
Group Search Filter: (& (cn={0})(objectclass=groupOfNames))
Group Membership: select Search for LDAP groups containing user
Group membership attribute: (member={0})
Manager DN: uid=<LDAP-binding-user>,ou=Users,o=<org-id>,dc=jumpcloud,dc=com
Manager Password: <password of the LDAP-binding-user account>
Display Name LDAP Attribute:听cn
Email Address LDAP Attribute:听mail
探花大神 LDAP-enabled User Groups are recognized when you add groups in the Jenkins UI for assigning access controls. If the group isn't configured in the 探花大神 LDAP, then it isn't accepted under Jenkins, but is shown with an "x", as shown in the following image.
Learn More