Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to add users and groups to AAD Matrix-based security #89

Closed
audunsolemdal opened this issue Oct 16, 2020 · 6 comments
Closed

Unable to add users and groups to AAD Matrix-based security #89

audunsolemdal opened this issue Oct 16, 2020 · 6 comments

Comments

@audunsolemdal
Copy link

image

I am only able to add myself ([email protected]) by being the admin user in config.xml

If this is set, I am able to use the jenkins instance, but I am unable to add other users or groups.

I have tried different patterns to add users and groups, none successful.

I have not been granted admin permissions e.g. Directory.Read.All, but used the other options mentioned.
@hikkyXII
Copy link
Contributor

Hi
At lease read permissions are required.
Worked for me: https://medium.com/@seifeddinemouelhi/configure-azure-active-directory-with-jenkins-e6ea31fb833e

@audunsolemdal
Copy link
Author

Is there a way to have this work without the Directory.Read.All permission? My tenant admins do not grant this permission

@hikkyXII
Copy link
Contributor

Not sure about that.

@timja
Copy link
Member

timja commented Apr 10, 2021

You just need to put the users in the right format,

Display Name (Object ID)

e.g.

Tim Jacomb (c994450c-daec-4b4c-afc7-dd0980ee44c7)

Or use one of the other authorization strategies and use the Jenkins ID,

Docs coming in #118

@timja timja closed this as completed Apr 10, 2021
@tgquan67 tgquan67 mentioned this issue Oct 3, 2022
Open
@afdgtech
Copy link

Hi Did you ever get this to work? I am having the same issue and I am on version Version: 340.vdef002cf6415 and I have following permissions below. If I use Azure Security matrix it doesn't show anything. I have to use the regular security Matrix and enter user or group object ID and that works. But would be much nicer if I can use the Azure ad so we do not have to look up object ids. Anyone have any ideas? Thank you

Directory.Read.All/Application
email/Delegated
Group.Read.All/Application
Group.Read.All/Application
People.Read.All/Application
People.Read.All/Application
User.Read.All/Application

@audunsolemdal
Copy link
Author

Hi Did you ever get this to work? I am having the same issue and I am on version Version: 340.vdef002cf6415 and I have following permissions below. If I use Azure Security matrix it doesn't show anything. I have to use the regular security Matrix and enter user or group object ID and that works. But would be much nicer if I can use the Azure ad so we do not have to look up object ids. Anyone have any ideas? Thank you

Directory.Read.All/Application email/Delegated Group.Read.All/Application Group.Read.All/Application People.Read.All/Application People.Read.All/Application User.Read.All/Application

I haven't tried in over two years, and my current project does not use Jenkins, so I do not have any new insight.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hikkyXII @timja @audunsolemdal @afdgtech