3
votes

I'm setting up a Jenkins server for a project of my company. I configured the security realm to use LDAP and had no problem until we decided to hire external development team along with our devs. We cannot create LDAP accounts for them for some reasons, however it is essential to use CI server together to collaborate and to get benefits of using CI server.

Is it possible to add external users who are not in LDAP?

I can think of only one solution so far.

  • use 'Jenkins's own user database' instead of 'LDAP' and create all users manually.

Any other solutions for this situations?

2

2 Answers

0
votes

I don't think so , probably the best you can do it try to persuade your network security team to add the external development team to your LDAP system giving them a different security role.

For example you could create roles for jenkins_admin, jenkins_staff, jenkins_contractor and then give them different privileges but without rights to other resources.

How will you allow your external development team to commit to your SCM?

1
votes

Seems like PAM is the way to go.

I haven't done it and am looking into doing it, but here is a suggestion from the lead Jenkins developer: http://jenkins-ci.361315.n4.nabble.com/Mixed-mode-authentication-td3447248.html