I am using Jenkins 2.426.2 war on a Windows server in a domain. I have Active Directory v2.34 and Matrix Authorization 3.2.1 installed. I have Jenkins connected to the domain and I am able to add AD users/groups to the Matrix Auth Strategy. I have no permissions granted to anonymous or authenticated users. Everything is working well. Until… Security discovered anyone in the AD domain can log into Jenkins. I responded with, yes, but they get “access denied” after login because they have no permissions. Sadly, that wasn’t good enough. They want to only allow users with valid permissions (purpose) to log in. I have searched everywhere and cannot find a solution to only allow specific users the ability to log in (other than changing back to Jenkins internal DB auth). Any help would be greatly appreciated!
Jenkins setup:
Jenkins: 2.426.2
OS: Windows Server 2019 - 10.0
Java: 21.0.1 - Oracle Corporation (Java HotSpot™ 64-Bit Server VM)
active-directory:2.34