[JIRA] (JENKINS-16205) Inaccessible active directory groups prevent authentication

[tom.pal...@whiteonesugar.com (JIRA)]

Tom Palmer created JENKINS-16205 Inaccessible active directory groups prevent authentication Issue Type: Bug Assignee: Unassigned Components: active-directory Created: 27/Dec/12 12:42 PM Description: Our active directory setup has some memberOf references to groups that aren't visible by the authenticating user. This results in the following error and prevents the user from being authenticated: Caused by: javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-03151F00, problem 2001 (NO_OBJECT), data 0, best match of: 'DC=example,DC=com' ^@]; remaining name 'CN=Bad Group,DC=example,DC=com' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3092) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.c_getAttributes(LdapCtx.java:1312) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_getAttributes(ComponentDirContext.java:213) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.getAttributes(PartialCompositeDirContext.java:121) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.resolveGroups(ActiveDirectoryUnixAuthenticationProvider.java:422) at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:290) ... 46 more Project: Jenkins Priority: Major Reporter: Tom Palmer

This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators. For more information on JIRA, see: http://www.atlassian.com/software/jira