Using JumpCloud's LDAP-as-a-Service to integrate Jenkins authentication and authorization allows administrators to map permissions to users and groups enabled in your JumpCloud LDAP Directory instance.
Securing access to the Jenkins UI is configured at two levels under the Configure Global Security section in the Manage Jenkins panel. First, choose a Security Realm, which controls where User and Group information and authentication are managed and where JumpCloud LDAP is configured. Second, choose an Authorization Strategy, which provides the ability to assign explicit permissions to users and groups, allowing granular control of all available operations.
JumpCloud LDAP supports all available Authorization Strategies, but the most commonly used strategies are Matrix-based security, Project-based Matrix Authorization Strategy, and Role-Based strategy.
See Use Cloud LDAP to obtain the JumpCloud-specific settings required below.
Considerations:
- This configuration was verified using the latest Jenkins LDAP Plugin 1.21 on March 20, 2020.
- See the for additional details.
Configuring Jenkins LDAP Plugin
Server: ldaps://ldap.jumpcloud.com
Root DN: leave this option blank
Allow blank rootDN: select this option
User Search Base: ou=Users,o=<org-id>,dc=jumpcloud,dc=com
User Search Filter: uid={0}
Group Search Base: ou=Users,o=<org-id>,dc=jumpcloud,dc=com
Group Search Filter: (& (cn={0})(objectclass=groupOfNames))
Group Membership: select Search for LDAP groups containing user
Group membership attribute: (member={0})
Manager DN: uid=<LDAP-binding-user>,ou=Users,o=<org-id>,dc=jumpcloud,dc=com
Manager Password: <password of the LDAP-binding-user account>
Display Name LDAP Attribute: cn
Email Address LDAP Attribute: mail
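A pre-flight check for the values above, as an added example that is not from the original page, Jenkins, or JumpCloud: it flags a server URL that is not ldaps://, an unreplaced `<org-id>`, org ids that differ between fields, and malformed filters before the settings are saved. The dict layout, `check_settings()`, the org id `5e0000aa` and the bind user `jenkins-bind` are constructed for illustration.

```python
import re

# Keys are the field labels from the settings list above; everything else
# (dict layout, function names, sample org id and bind user) is assumed.
SUFFIX = "dc=jumpcloud,dc=com"
BASE = "ou=Users,o=5e0000aa," + SUFFIX  # constructed sample org id
SAMPLE = {  # constructed sample values in the shape the page documents
    "Server": "ldaps://ldap.jumpcloud.com",
    "Root DN": "", "Allow blank rootDN": True,
    "User Search Base": BASE, "User Search Filter": "uid={0}",
    "Group Search Base": BASE,
    "Group Search Filter": "(& (cn={0})(objectclass=groupOfNames))",
    "Group membership attribute": "(member={0})",
    "Manager DN": "uid=jenkins-bind," + BASE,
}
DN_RE = re.compile(r"(?:^|,)ou=Users,o=([^,<>]+)," + re.escape(SUFFIX) + "$", re.I)

def balanced(flt):
    """True if the parentheses of an LDAP filter open and close in order."""
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0

def check_settings(cfg):
    """Return findings; an empty list means the values have the page's shape."""
    out = []
    if not cfg.get("Server", "").lower().startswith("ldaps://"):
        out.append("Server: the page specifies an ldaps:// URL")
    if cfg.get("Root DN") or not cfg.get("Allow blank rootDN"):
        out.append("Root DN: leave blank and select 'Allow blank rootDN'")
    orgs = set()
    for name in ("User Search Base", "Group Search Base", "Manager DN"):
        m = DN_RE.search(cfg.get(name, ""))
        if m:
            orgs.add(m.group(1).lower())
        else:
            out.append(f"{name}: expected ou=Users,o=<org-id>,{SUFFIX} with <org-id> filled in")
    if len(orgs) > 1:
        out.append("org-id: differs between the DN fields")
    for name in ("User Search Filter", "Group Search Filter", "Group membership attribute"):
        flt = cfg.get(name, "")
        if "{0}" not in flt or not balanced(flt):
            out.append(f"{name}: needs a {{0}} placeholder and balanced parentheses")
    if not cfg.get("Manager DN", "").lower().startswith("uid="):
        out.append("Manager DN: expected uid=<LDAP-binding-user>,ou=Users,...")
    return out
```

An empty list from `check_settings()` only means the values have the documented shape; it does not contact the directory or confirm the bind credentials.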
JumpCloud LDAP-enabled User Groups are recognized when you add groups in the Jenkins UI for assigning access controls. If the group isn't configured in JumpCloud LDAP, then it isn't accepted under Jenkins, but is shown with an "x".