Configure Jenkins to use Cloud LDAP

Using JumpCloud's LDAP-as-a-Service to integrate Jenkins authentication and authorization allows administrators to map permissions to users and groups enabled in your JumpCloud LDAP Directory instance.

Securing access to the Jenkins UI is configured at two levels under the Configure Global Security section in the Manage Jenkins panel. First, choose a Security Realm, which controls where User and Group information and authentication is managed and where JumpCloud LDAP is configured. Second, choose an Authorization Strategy, which provides the ability to assign explicit permissions to users and groups, allowing granular control of all available operations. 

JumpCloud LDAP supports all available Authorization Strategies, but the most commonly used strategies are Matrix-based security, Project-based Matrix Authorization Strategy, and Role-Based strategy.

Note:

See Use Cloud LDAP to obtain the JumpCloud specific settings required below.

Considerations:

Configuring Jenkins LDAP Plugin

Serverldaps://ldap.jumpcloud.com
Root DN: leave this option blank
Allow blank rootDN: select this option

User Search Baseou=Users,o=<org-id>,dc=jumpcloud,dc=com
User Search Filteruid={0}

Group Search Baseou=Users,o=<org-id>,dc=jumpcloud,dc=com
Group Search Filter(& (cn={0})(objectclass=groupOfNames))
Group Membership: select Search for LDAP groups containing user
Group membership attribute(member={0})

Manager DNuid=<LDAP-binding-user>,ou=Users,o=<org-id>,dc=jumpcloud,dc=com
Manager Password<password of the LDAP-binding-user account>

Display Name LDAP Attributecn
Email Address LDAP Attributemail

Tip:

JumpCloud LDAP-enabled User Groups are recognized when you add groups in the Jenkins UI for assigning access controls. If the group isn't configured in the JumpCloud LDAP, then it isn't accepted under Jenkins, but is shown with an "x", as shown in the following image.

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case