Hi,
I’ve got a problem implementing security and role on Jenkins 2.332.1.
I would like to implement AD authentication and role based strategy.
But when I remove Anonimous from global role I got error message telling acess denied, user is missing the global/read permission, but my user got the admin role.
So it’s like my AD user is not recognized as member of jenkins.
So the only one solution is to remove the security in config.xml and go back to the original security level…
The role-based authorisation strategy plugin is not yet compatible with matrix authorisation v3, which is required by the latest versions of the Azure AD plugin. [JENKINS-67422] Role-strategy compatibility with matrix-auth 3.0 - Jenkins Jira
If you use the Azure AD matrix authorisation strategy instead, then you can grant access on Jenkins items to Azure AD users and groups (both security groups and Microsoft 365 groups), although not yet to Azure AD application roles. These permissions on items are saved to the items themselves and cannot be centrally managed with regular expressions and Configuration as Code, like you could with the role-based strategy. I suppose they could be centrally managed with Job DSL, though.