Set LDAP_BIND_USER and LDAP_BIND_PASSWORD environment variables in the system (e.g. when creating your Docker container, etc).
Last active
February 14, 2019 14:15
-
-
Save mllrjb/60909ace821652ab93794d5285398842 to your computer and use it in GitHub Desktop.
Jenkins init.groovy.d LDAP Authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import jenkins.model.* | |
| import hudson.security.* | |
| import org.jenkinsci.plugins.* | |
| String server = 'ldaps://ldap.mllrjb.com:636' | |
| String rootDN = 'o=mllrjb.com' | |
| String userSearchBase = '' | |
| String userSearch = 'uid={0}' | |
| String groupSearchBase = 'ou=Groups' | |
| String bindDn = env.LDAP_BIND_USER; | |
| String bindPassword = env.LDAP_BIND_PASSWORD; | |
| boolean inhibitInferRootDN = false | |
| SecurityRealm ldap_realm = new LDAPSecurityRealm(server, rootDN, userSearchBase, userSearch, groupSearchBase, bindDn, bindPassword, inhibitInferRootDN) | |
| Jenkins.instance.setSecurityRealm(ldap_realm) | |
| Jenkins.instance.save() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello, This groovy script runs successfully (LDAP) but no changes are done to Jenkins config.xml file thus no changes are applied (default is Jenkins database and whoever is logged can do anything). Is there anything else that needs to happen after the groovy script runs? Is the passcode cleartext or hash? I'd appreciate if you could clarify. I imagine the groovy script would cause changes to the config.xml file as it happens if I configure it via Web UI. Thanks in advance!