Issue Jenkins stops trying to authenticate to the "real" ldap server, i.e. sub-domain.domain.com, and starts trying to authenticate to domain.com You get the stacktrace javax.naming.CommunicationException: domain.com:389 Environment CloudBees Jenkins Enterprise LDAP Resolution You need to specify the port: <server>serv1.domain.com:PORT serv2.domain.com:PORT serv3.domain.com:PORT</server>▼