Jenkins is working without credentials even after configuring LDAP authentication

I upgraded Jenkins to the latest version 2.423 on the secondary server with a complete backup from the primary server. After the upgrade, LDAP authentication did not work, so I changed useSecurity to false in the Jenkins config.xml file to disable security temporarily and updated my LDAP manager password. After that, LDAP authentication started to work, and Jenkins was working without asking for any credentials.

While loading the URL, it allows us to directly manage Jenkins without forcing us to log in.

Hello @Ebin and welcome to this community. :wave:

It seems you’ve resolved the issue with LDAP authentication by temporarily disabling security (useSecurity set to false) and updating your LDAP manager password. However, it’s crucial to re-enable security to ensure the proper authentication and access control of your Jenkins instance.

Here are some of the steps you could take to re-enable security:

  1. Re-enable Security: Set useSecurity back to true in your Jenkins configuration. This is essential to enforce authentication and access control.
  2. LDAP Configuration: Ensure that your LDAP configuration remains correct and functional. Make sure that Jenkins can connect to your LDAP server and authenticate users.
  3. User and Group Configuration: Confirm that your LDAP users and groups are correctly configured within Jenkins. Ensure that LDAP groups are correctly mapped to Jenkins roles to control access.

Thanks for responding to my query, @poddingue.

I already followed the steps you mentioned, and LDAP is functioning and I am able to log in. At the same time, everything is accessible and manageable without login.

For your reference,

How did you re-enable security? Did you do it through the UI or via editing the Jenkins XML files? If the latter, you would need to restart Jenkins in order for it to be picked up.

I have re-enabled security through the UI only and restarted Jenkins for it to take effect. But no luck.

Is “logged in users can do anything” selected, or did you set up actual permissions?
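An added example, not part of any post in this thread: a small audit of the two settings discussed above, useSecurity and the authorization strategy, as they are stored in Jenkins' config.xml. The sample configurations are constructed for illustration; the class names are the ones Jenkins writes for its built-in strategies, and the function name `audit` is hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample config.xml fragments (not taken from the thread).
OPEN_CONFIG = """<hudson>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.AuthorizationStrategy$Unsecured"/>
  <securityRealm class="hudson.security.LDAPSecurityRealm"/>
</hudson>"""

LOCKED_CONFIG = """<hudson>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.FullControlOnceLoggedInAuthorizationStrategy">
    <denyAnonymousReadAccess>true</denyAnonymousReadAccess>
  </authorizationStrategy>
  <securityRealm class="hudson.security.LDAPSecurityRealm"/>
</hudson>"""

def audit(xml_text):
    """Return findings that explain why Jenkins can be used without logging in."""
    root = ET.fromstring(xml_text)
    findings = []
    if (root.findtext("useSecurity") or "").strip().lower() != "true":
        findings.append("useSecurity is not true: all security is off")
    strategy = root.find("authorizationStrategy")
    cls = strategy.get("class", "") if strategy is not None else ""
    if strategy is None:
        findings.append("no authorizationStrategy element")
    elif cls.endswith("AuthorizationStrategy$Unsecured"):
        # A working LDAP realm does not help if authorization lets everyone in.
        findings.append("'Anyone can do anything' is selected")
    elif cls.endswith("FullControlOnceLoggedInAuthorizationStrategy"):
        if (strategy.findtext("denyAnonymousReadAccess") or "").strip() != "true":
            findings.append("anonymous read access is allowed")
    else:
        # Matrix-style strategies store PERMISSION:sid or TYPE:PERMISSION:sid entries.
        for p in strategy.iter("permission"):
            if (p.text or "").strip().split(":")[-1] == "anonymous":
                findings.append("anonymous is granted " + p.text.strip())
    return findings

if __name__ == "__main__":
    for name, cfg in (("open", OPEN_CONFIG), ("locked", LOCKED_CONFIG)):
        print(name, audit(cfg) or "no anonymous access found")
```

An empty result means the file requires login for everything it covers; if the running instance still behaves differently, the configuration on disk was likely not the one loaded.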