We already use the Role-based authorization plugin (not matrix). My concern is what happens to all the users in the internal DB, do they get erased/lose access, or are they still enabled until manually disabled, or are they linked by email address (or other) to the new system (LDAP in your case, Google Auth in mine).
Thanks for the info! On Thursday, March 12, 2015 at 7:41:54 AM UTC-4, maciej wrote: > > 2015-03-09 o 17:13, Mike Chmielewski wrote: > > Hi everyone, > > I was wondering if anyone has experiences they are willing to share > about moving the user DB from the built-in Jenkins DB to an outside one > like LDAP or Google OpenID/Oauth (Google Oauth experience is more > applicable to my use case). > > We have have 50-75 users with access now, and the company uses Google > Apps, so it is a natural fit to move to the shared auth in Google, as we > grow larger/have multiple remote offices, etc. > > Are there manual steps to migrate? Is it seamless? Does it default to > internal? > > The only gotcha I have is that we have some outsourcing groups with > access, with their own email systems... Is the current Google > authentication integration flexible enough? > > > Not sure about Google, but we moved to LDAP login with Role Strategy > Plugin to mange authorization. There is no migration. You define roles all > over, but defining roles is easier then in default authorization Jenkins > model (where it is done per-job)... > > I guess you could parse jobs config.xml and maybe create new configuration > semi-automatically, but I didn't found any tool for that. > > Regards, > Nux. > -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/cd79c8e5-2083-4575-aabd-549c9cd2dc7f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
