Tuesday, April 21, 2015

Configuring LDAP with Jenkins

Recently my colleague faced an issue while trying to integrate LDAP with Jenkins. Even though lots of material is available online, he was not able to do it. The steps were clear in the various documents available on the internet, but somehow it was not working for his installed Jenkins version 1.575.
I followed an almost similar approach but with a little twist at the end (while providing values in the textbox), which worked for us. I am documenting the steps below, hoping it may help others who are facing a similar issue.

Prerequisites:-

No#1 - You must have Jenkins installed and running
No#2 - Details of the LDAP server [ I integrated with OVD (Oracle Virtual Directory), which in turn connects to LDAP & AD ]
***The structure of the values below may vary in your environment***
-- OVD URL - ldap://hostname.mycompany.com:3389
-- Admin User DN - uid=jenkinsadmin,ou=Application Admin,o=mycompany.com (This user is required by Jenkins to connect to OVD)
-- User DN - uid=shantans,ou=Internal,o=mycompany.com (This is one of the many users who will access Jenkins once authenticated by LDAP/AD.)


Step#1 - Log in to the Jenkins console using the built-in admin user

Step#2 - Navigate to "Manage Jenkins" --> "Configure Global Security"

Step#3 - Select the radio button for LDAP under "Security Realm"

Step#4 - In the "Server" textbox, enter the OVD URL. Click on "Advanced"

Step#5 - Now populate the other text boxes with the information below:-

root DN: o=mycompany.com
(Root DN is the name of your organization and is represented in DN as value of 'o'. So for my user "uid=shantans,ou=Internal,o=mycompany.com", my root DN is "o=mycompany.com")

User search base: ou=internal
(User search base is the branch under root DN "o=mycompany.com" where users will be searched for. So for my user "uid=shantans,ou=Internal,o=mycompany.com", the user appears in "ou=internal" under the root DN)

User search filter: uid={0}
Group search base: ou=groups
Group search filter:
Group membership filter:
(Keep the above values as they are. If you need to grant access to a particular group, then you have to provide values for Group search filter and Group membership filter. Otherwise you can leave them blank as above)

Manager DN: uid=jenkinsadmin,ou=Application Admin,o=mycompany.com
Manager Password: password
(Manager DN is the admin user, mainly an application user, which gives Jenkins connectivity to LDAP)

Click "Save"

Now log out and try to log in with any user available in LDAP.
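If the login still fails, it helps to check the values outside Jenkins. The following is an added example, not part of the original post or of Jenkins itself: it combines the root DN, user search base and user search filter from Step#5 the way they are described above, checks whether a given user DN falls inside that scope, and builds the equivalent OpenLDAP `ldapsearch` command. The function names are hypothetical, and the case-insensitive DN comparison is an assumption.

```python
import shlex

# Constructed sample values, copied from the settings shown in this post.
SERVER = "ldap://hostname.mycompany.com:3389"
ROOT_DN = "o=mycompany.com"
USER_SEARCH_BASE = "ou=internal"
USER_SEARCH_FILTER = "uid={0}"
MANAGER_DN = "uid=jenkinsadmin,ou=Application Admin,o=mycompany.com"

def escape_filter_value(value):
    """Escape a login name for use inside an LDAP filter (RFC 4515)."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def split_dn(dn):
    """Split a DN into lower-cased RDNs, honouring backslash-escaped commas.
    Assumption: the attributes involved (uid, ou, o) match case-insensitively."""
    rdns, current, escaped = [], "", False
    for c in dn:
        if c == "," and not escaped:
            rdns.append(current)
            current = ""
            continue
        escaped = (c == "\\") and not escaped
        current += c
    rdns.append(current)
    return [r.strip().lower() for r in rdns]

def effective_base(root_dn, search_base):
    """The search base is relative to the root DN."""
    return f"{search_base},{root_dn}" if search_base else root_dn

def user_in_scope(user_dn, root_dn, search_base):
    """True if user_dn sits at or below the effective search base."""
    base = split_dn(effective_base(root_dn, search_base))
    return split_dn(user_dn)[-len(base):] == base

def ldapsearch_command(login):
    """OpenLDAP command for the same lookup; -W prompts for the manager password."""
    flt = "(" + USER_SEARCH_FILTER.replace("{0}", escape_filter_value(login)) + ")"
    args = ["ldapsearch", "-x", "-H", SERVER, "-D", MANAGER_DN, "-W",
            "-b", effective_base(ROOT_DN, USER_SEARCH_BASE), "-s", "sub", flt, "dn"]
    return " ".join(shlex.quote(a) for a in args)

if __name__ == "__main__":
    print(ldapsearch_command("shantans"))
    print(user_in_scope("uid=shantans,ou=Internal,o=mycompany.com", ROOT_DN, USER_SEARCH_BASE))
```

With the values above, the user DN is in scope, while the Manager DN (under "ou=Application Admin") is not, so the manager account itself would not be found as a login user by this search base.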

Hope this will help you. Let me know if you face any issue or if it has helped you fix your connectivity issue.
