Jenkins fails to configure LDAP No LDAP group membership reported. LDAP Group lookup: could not verify

Using Jenkins Ask a question
1

Jenkins fails to configure LDAP No LDAP group membership reported. LDAP Group lookup: could not verify.

Although there was an error, I was still able to log in using the matched user. That is to say, my LDAP was able to correctly search for the user. However, when testing the user, there was this warning.

iShot_2025-10-16_19.13.49
iShot_2025-10-16_19.13.491732×483 81 KB

The following is the configuration for LDAP in Jenkins.

server: 10.0.0.99:389
root DN: dc=ops,dc=com
User search base: ou=ou_name1
User search filter: uid={0}
Manager DN: cn=admin,dc=ops,dc=com
Manager Password: xxx
Display Name LDAP attribute: sn
Email Address LDAP attribute: mail


The following two I filled in by default were both marked as incorrect.
Group search base: ???
Group search filter: ???

This is the relevant configuration in my LDAP. I also have other `ou` like this.

# LDIF Export for ou=ou_name1,dc=ops,dc=com
# Server: 10.0.0.99 (10.0.0.99)
# Search Scope: sub
# Search Filter: (objectClass=*)
# Total Entries: 7
#
# Generated by phpLDAPadmin (http://phpldapadmin.sourceforge.net) on October 16, 2025 11:23 am
# Version: 1.2.5

version: 1

# Entry 1: ou=ou_name1,dc=ops,dc=com
dn: ou=ou_name1,dc=ops,dc=com
objectclass: top
objectclass: organizationalUnit
ou: ou_name1

# Entry 2: cn=go,ou=ou_name1,dc=ops,dc=com
dn: cn=go,ou=ou_name1,dc=ops,dc=com
cn: go
gidnumber: 1000
objectclass: top
objectclass: posixGroup

# Entry 3: uid=go_user1,cn=go,ou=ou_name1,dc=ops,dc=com
dn: uid=go_user1,cn=go,ou=ou_name1,dc=ops,dc=com
cn: go_user1
gidnumber: 1000
homedirectory: /home/go_user1
loginshell: /bin/bash
mail: go_user1@ops.com
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: go_user1
uid: go_user1
uidnumber: 1001
userpassword: {SSHA}uUFY4EJIccmbnIZBPMiq06QK4HG9vO/a

# Entry 4: uid=go_user2,cn=go,ou=ou_name1,dc=ops,dc=com
dn: uid=go_user2,cn=go,ou=ou_name1,dc=ops,dc=com
cn: go_user2
gidnumber: 1000
homedirectory: /home/go_user2
loginshell: /bin/bash
mail: go_user2@ops.com
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: go_user2
uid: go_user2
uidnumber: 1002
userpassword: {SSHA}uUFY4EJIccmbnIZBPMiq06QK4HG9vO/a

# Entry 5: uid=go_user3,cn=go,ou=ou_name1,dc=ops,dc=com
dn: uid=go_user3,cn=go,ou=ou_name1,dc=ops,dc=com
cn: go_user3
gidnumber: 1000
homedirectory: /home/go_user3
loginshell: /bin/bash
mail: go_user3@ops.com
objectclass: inetOrgPerson
objectclass: posixAccount
objectclass: top
sn: go_user3
uid: go_user3
uidnumber: 1003
userpassword: {SSHA}uUFY4EJIccmbnIZBPMiq06QK4HG9vO/a

# Entry 6: cn=java,ou=ou_name1,dc=ops,dc=com
dn: cn=java,ou=ou_name1,dc=ops,dc=com
cn: java
gidnumber: 1001
objectclass: top
objectclass: posixGroup

# Entry 7: cn=python,ou=ou_name1,dc=ops,dc=com
dn: cn=python,ou=ou_name1,dc=ops,dc=com
cn: python
gidnumber: 1002
objectclass: top
objectclass: posixGroup

ou=ou_name1,dc=ops,dc=com Now I want to match all the users under this “ou” directory.

If I want to match users from multiple OUs, how should I configure it?

ou=ou_name1,dc=ops,dc=com
ou=ou_name2,dc=ops,dc=com
ou=ou_name3,dc=ops,dc=com
......