Jenkins is an open-source automation server that facilitates continuous integration and continuous delivery (CI/CD) in software development. It automates the process of building, testing, and deploying software, streamlining the development pipeline. Jenkins achieves this by integrating with various tools and systems through its extensive plugin ecosystem. 

Note: Jenkins LDAP plugin has to be installed!

Note: “dc=example,dc=com” is default configuration; you should replace it with your base DN.

Jenkins Base Setup

To setup OpenLDAP for Jenkins navigate to Dashboard/Manage Jenkins/Security.

1. Set Security Realm to LDAP
2. Click ‘Add Server’
3. Setup config fields as stated below

Config Fields

Server

(This can be replaced by server ip/your domain etc.)

ldap://example.com:389

Advanced Server Configuration Dropdown

root DN

dc=example,dc=com

Allow Blank rootDN

true

User Search Base

ou=people

User Search Filter

uid={0}

Group Search Base

ou=groups

Group Search Filter

(& (cn={0})(objectclass=groupOfNames))

Group Membership

Select ‘Search for LDAP groups containing user’ and leave ‘Group membership filter’ empty.

Manager DN

Put your admin account information here, something like:

cn=admin,ou=people

Manager Password

Leave as is.

Display Name LDAP attribute

Leave cn as is; it inputs username:

cn

Email Address LDAP attribute

mail

Tips and Tricks

• Always use Test LDAP settings so you won’t get locked out. It works without a password.
• To setup your permissions, go to Authorization Setting and select Matrix-based security. Add group/user (it has to exist in OpenLDAP) and you can grant him permissions. Note that Overall Read forbids users to read jenkins and execute actions. Administer gives full rights.

Useful Links

Jenkins LDAP Plugin
Managing Security: Beginning with Jenkins 2.214 and Jenkins LTS 2.222.1, the "Enable Security" checkbox has been removed. Jenkins own user database is used as the default security realm