jenkins active directory project matrix

August 5, 2011
jenkins active directory project matrix

jenkins active directory project matrix

Here’s a howto guide on a Redhat Box using Active Directory Authentication:

This example uses the following…
AD Servername

foo.com

User used to search AD

CN=jenkins,OU=Utility,OU=foo_Internal,OU=All_Users,DC=foo,DC=com

OU that contains users that will access jenkins

OU=foo_Internal,OU=All_Users,DC=foo,DC=com

OU that contains the groups to be used for project matrix auth

OU=Groups,DC=foo,DC=com

Group we want to give all permissions except admin to

CN=MYGROUP, OU=Groups,DC=foo,DC=com

hint, to find DN of your users place this in notepad and save it as .bat and run it on domain controller:

del c:\activeUsers.txt
DSQUERY.exe * -limit 0 -filter "(&(objectCategory=Person)(objectClass=User)(!userAccountControl:1.2.840.113556.1.4.803:=2))" >"c:\activeUsers.txt"
C:\WINDOWS\NOTEPAD.EXE c:\activeUsers.txt

del c:\activegroups.txt
DSQUERY.exe group > c:\activegroups.txt
C:\WINDOWS\NOTEPAD.EXE c:\activegroups.txt

Step 1:

  • Configure your LDAP settings
  • Select “anyone can do anything”
  • Save your settings (your must Save your settings before attempting any modifications to project matrix)
  • Verify you can log in to jenkins

Step 2:

  • After saving select “project matrix authentication”
  • In the text field “User/group to add” input “ROLE_”, example “ROLE_MYGROUP”
  • Click Add (NOTE, the red stop icon will appear, this is a bug in jenkins!)
  • Set permissions for the group
  • Add the username for an Active Directory user that will be admin (I used user ‘aduser’ below)
  • Click Add
  • Give user admin permissions
  • Click Save

Your config.xml security section should look like something like this:

jenkins active directory project matrix config.xml