LDAP group lookup
Locked
 
|
hi there,
i'm running Hudson 1.312 on opensuse here, trying to query an LDAP server. hudson can look up usernames, and get people logged in no problem, it will also allow me to use groups in the "matrix authentication" method, meaning it can look them up, as i get the little group icon too. problem being, if i want to used group-based security to save adding each individual user to the matrix, hudson doesn't see the user as being in the group, and denies login. so, to summarize: 1. user auth via LDAP works 2. group lookup (in matrix authentication gui) works, group icon automatically appears when i click "add" 3. user group membership lookup doesn't work at all i notice there's no "group search filter", whereas there is a "user search filter". in my group, users are represented by "memberUid" as opposed to "uid". can anyone help? thanks, dave. --------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] |
|
|
This is not documented too well in the older versions but you need to
prefix your group names with ROLL_. So if you group name was hudson in ldap your group name in the matrix would be ROLL_HUDSON. The latest versions have this very well documented in the online help. Also I think you are good with memberUid if I recall from reading the code when I was setting up groups. Greg On Wed, Dec 16, 2009 at 6:57 AM, Dave Rearden <[hidden email]> wrote: > hi there, > > i'm running Hudson 1.312 on opensuse here, trying to query an LDAP server. > hudson can look up usernames, and get people logged in no problem, it will > also allow me to use groups in the "matrix authentication" method, meaning > it can look them up, as i get the little group icon too. > > > problem being, if i want to used group-based security to save adding each > individual user to the matrix, hudson doesn't see the user as being in the > group, and denies login. > > so, to summarize: > > 1. user auth via LDAP works > 2. group lookup (in matrix authentication gui) works, group icon > automatically appears when i click "add" > 3. user group membership lookup doesn't work at all > > i notice there's no "group search filter", whereas there is a "user search > filter". > > in my group, users are represented by "memberUid" as opposed to "uid". > > can anyone help? > > thanks, > > dave. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [hidden email] > For additional commands, e-mail: [hidden email] > > -- It is a mistake to think you can solve any major problems just with potatoes. - Douglas Adams --------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] |
|
|
Hi,
It's not ROLL but ROLE. And you're right Dave: there's no group search filter, only the group search base DN. Cheers, Julien Le 23/12/09 14:40, Greg Sidelinger a écrit : > This is not documented too well in the older versions but you need to > prefix your group names with ROLL_. So if you group name was hudson in > ldap your group name in the matrix would be ROLL_HUDSON. The latest > versions have this very well documented in the online help. Also I > think you are good with memberUid if I recall from reading the code > when I was setting up groups. > > Greg > > On Wed, Dec 16, 2009 at 6:57 AM, Dave Rearden > <[hidden email]> wrote: > >> hi there, >> >> i'm running Hudson 1.312 on opensuse here, trying to query an LDAP server. >> hudson can look up usernames, and get people logged in no problem, it will >> also allow me to use groups in the "matrix authentication" method, meaning >> it can look them up, as i get the little group icon too. >> >> >> problem being, if i want to used group-based security to save adding each >> individual user to the matrix, hudson doesn't see the user as being in the >> group, and denies login. >> >> so, to summarize: >> >> 1. user auth via LDAP works >> 2. group lookup (in matrix authentication gui) works, group icon >> automatically appears when i click "add" >> 3. user group membership lookup doesn't work at all >> >> i notice there's no "group search filter", whereas there is a "user search >> filter". >> >> in my group, users are represented by "memberUid" as opposed to "uid". >> >> can anyone help? >> >> thanks, >> >> dave. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [hidden email] >> For additional commands, e-mail: [hidden email] >> >> >> > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [hidden email] For additional commands, e-mail: [hidden email] |
|
|
Hello,
I was wondering if that holds true for ActiveDirectory groups and the AD plugin too. We're using an AD here, and I am using the AD plugin for authentication with project based Matrix-Rights.
Now I'ld like to roll out Hudson across another department instead of just ours (and finally it may end up rolled out across the entire company as the central it operations got interested in it) and need to be able to limit access to existing and new jobs to the departments based on the users AD group membership.
I've tried adding ROLE_department and department as users and giving them rights, anyhow that did not seem to work. As for the version of Hudson: I am using the auto-update feature to update weekly or bi-weekly.
Thanks for any information. Regards, Joti
2009/12/28 Julien CARSIQUE <[hidden email]> Hi, |
«
Return to Jenkins users
|
1 view|%1 views
| Free forum by Nabble | Edit this page |