jenkins active directory project matrix

August 5, 2011
jenkins active directory project matrix

jenkins active directory project matrix

Here’s a howto guide on a Redhat Box using Active Directory Authentication:

This example uses the following…
AD Servername

User used to search AD


OU that contains users that will access jenkins


OU that contains the groups to be used for project matrix auth


Group we want to give all permissions except admin to

CN=MYGROUP, OU=Groups,DC=foo,DC=com

hint, to find DN of your users place this in notepad and save it as .bat and run it on domain controller:

del c:\activeUsers.txt
DSQUERY.exe * -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2))" >"c:\activeUsers.txt"
C:\WINDOWS\NOTEPAD.EXE c:\activeUsers.txt

del c:\activegroups.txt
DSQUERY.exe group > c:\activegroups.txt
C:\WINDOWS\NOTEPAD.EXE c:\activegroups.txt

Step 1:

  • Configure your LDAP settings
  • Select “anyone can do anything”
  • Save your settings (your must Save your settings before attempting any modifications to project matrix)
  • Verify you can log in to jenkins

Step 2:

  • After saving select “project matrix authentication”
  • In the text field “User/group to add” input “ROLE_”, example “ROLE_MYGROUP”
  • Click Add (NOTE, the red stop icon will appear, this is a bug in jenkins!)
  • Set permissions for the group
  • Add the username for an Active Directory user that will be admin (I used user ‘aduser’ below)
  • Click Add
  • Give user admin permissions
  • Click Save

Your config.xml security section should look like something like this:

jenkins active directory project matrix config.xml