Getting Access Denied xxxx is missing the Overall/Read permission using xxx_xxx_admin_dev AD group
Did you add permissions for that group in the Jenkins UI?
yes i have added for group user overall permissions in jenkinsUI
hi team;
i can login with my user id which is assigned admin role in jenkins > manage jenkins > manage and assign role in global role without any issue
however, i would like to craate a group and my user id on this group, this group is assigned under admin role but i’m getting [Access Denied xxxx is missing the Overall/Read permission]. Could you please advice?
Is your user member of that group? You can go to <jenkinsurl>/whoAmI to see to which groups your user belongs to.
Groups are not managed in Jenkins, the membership of a user to a group is determined by the security realm (e.g Active Directory, ldap, saml, …).
Hi Mawinter;
Yes, my userid is on that group.
My user id and the group are the same admin role under Dashboard > Manage Jenkins > Manage and assign Roles > Assign roles > global roles
When I tried to access /whoAmI which use group with my ID, I see my ID show correctly. My name is correct too when accessing jenkins but it get access denied
``
Regards,
Ngan
The picture shows that you’re only member of the group “authenticated”, a Jenkins internal group that each user gets that is logged in.
this user is on group which has the admin permission but this userid is getting access denied.what should i do?
Group membership is defined by the security realm. The whoAmI page shows what the securityRealm returned as group members. Which securityRealm are you using?
SAML 2.0 (we use the metadata from ping) and detail:
-
IdP Metadata URL:
URL to take the IdP Metadata from: blank -
Display Name Attribute: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
-
Group Attribute: http://schemas.xmlsoap.org/claims/Group
-
Maximum Authentication Lifetime:86400
-
Username Attribute: username
-
Email Attribute: email
-
Authorization: Role-Based Strategy