Why does RBAC plugin fail to read LDAP group?

Article ID:204264450
1 minute readKnowledge base

Issue

You use LDAP and RBAC and want to match LDAP groups to roles. However, there are ldap groups which fails.

Environment

  • CloudBees Jenkins Enterprise

  • Ldap/AD

  • RBAC

Resolution

There are multi reasons but this usually happens because a case sensitivity issue.

Ensure that you provide the exact case of the group name as reported from the /whoAmI screen or else the group membership will not be correctly inferred.

There should be an "advanced" button for configuring case sensitivity in the LDAP plugin, you probably want to use that to set the strategy.

Additionally, there is an open RFE against our RBAC plugin to use the case sensitivity strategy, that RFE is waiting for us to drop support for the Jenkins 1.554.x.y release line (i.e. May '15). Until that time you just need to be careful entering the names of groups or users