I am trying to get all our organization users to login using their LDAP domain credentials to Jenkins. With the options below, only users under 1 particular OU are able to login. I want to provide multiple OUs to search from.
Our Active Directory structure is as below:
ca -> America -> Users -> actual user id
ca -> India -> Users -> actual user id
Currently only users who are part of the America OU are able to login successfully to the application. I want users from both America and India OUs to be able to login successfully. I thought changing both User search base and Group search base as 'OU=Users,OU=America|OU=India' would work. But that fails for everybody. I tried replacing '|' with ','. But that did not help. Please provide suggestions or the right options to use. This is a blocker for our Jenkins implementation.
root DN DC=ca,DC=com allow blank root DN Not checked User search base OU=Users,OU=America User search filter sAMAccountName={0} Group search base OU=Users,OU=America Group search filter sAMAccountName={0} Group membership Search for groups containing user (selected option) Group membership filter Manager DN CN=admin,OU=Role-Based,OU=America,DC=ca,DC=com Display name LDAP attribute sAMAccountName Email address LDAP attribute mail Environment variables com.sun.jndi.ldap.connect.timeout = 60000 com.sun.jndi.ldap.read.timeout = 60000