Hi Team, We had a requirement for upgrading our security to LDAP Authentication in Jenkins. We made all the necessary changes of installing the self signed certificates on our Jenkins CLI server as per below blog after installing LDAP Plugin on Jenkins GUI.
*https://anandparthasarathy.* wordpress.com/2014/01/14/connect-jenkins-to-internal-self-signed-certificate-servers-and-configure-ssl/ <https://anandparthasarathy.wordpress.com/2014/01/14/connect-jenkins-to-internal-self-signed-certificate-servers-and-configure-ssl/> However, on the 5th step as per this blog we couldn't find the file as /etc/sysconfig/Jenkins where we were supposed to make below changes. Hence, we made these changes from Jenkins UI in Manage Jenkins > Configure System. Even after making these changes we were unable to connect to LDAP Server. So, we installed skip certificate check plugin on our Jenkins and after that the SSL Handshake error that we were getting while connecting to LDAP server was gone and LDAP server is able to let us establish our connection with it. Our last hurdle is that we are unable to login to Jenkins with our LDAP credentials. We tried all the available options that were available on google. However, no luck. We are using Project Based Matrix Authorization Strategy. Kindly Help. The error that we are getting now is: "LDAP: error code 32 - 0000208D: NameErr: DSID-0310020A, Problem 2001 (NO_OBJECT), data 0, best match of: OU=AppUsers,DC=COMPANY,DC=COM". We verified with our LDAP Team and they suggested all the settings are correct and we are receiving the connection properly from your system. All your help is much appreciated. *Step 5: *Make the following changes to /etc/sysconfig/jenkins file. You need to have sudo access to do so. - Change the JENKINS_PORT value to “-1” – You need to do this to ensure your CI server is no longer accessed through http. - Change the JENKINS_HTTPS_PORT value to “443” or any other port which is not taken. - Change the JENKINS_ARGS value to “–httpsKeyStore=$JENKINS_HOME/.ssl/.keystore –httpsKeyStorePassword=same-as-provided-during-cert-generation”. Regards, Mukul Garg -- You received this message because you are subscribed to the Google Groups "Jenkins Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/f822587b-b694-4dc2-a618-d4aaa7dd9cd6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
