
Create a local user in Jenkins alongside LDAP authentication

Tags: jenkins

The purpose is to create a local user in Jenkins (granting admin rights) alongside the LDAP group authentication so that this "local" user can perform all admin actions whenever the LDAP authentication is not working. I can set up an Active Directory user (valid users with a valid id), but I want to explore the possibility of setting up a "local" Jenkins user. I tried to figure this out through the Jenkins JIRA, but there is no mention of a Jenkins local user.

Can anyone help me figure this out?

anonymous asked Nov 23 '18 07:11



3 Answers

You can't.

When you activate LDAP authentication, you automatically disable Jenkins' internal user database. Both cannot co-exist.

Jean-Philippe Briend answered Oct 04 '22 03:10


There is an improvement filed here to support local users and LDAP users at the same time: https://issues.jenkins-ci.org/browse/JENKINS-3404

schowave answered Oct 04 '22 04:10


I agree with the accepted answer in that Jenkins does not currently appear to support the simultaneous use of internal authentication and LDAP authentication.

That said, what I do to work around this is:

  1. Run a local copy (i.e. on the Jenkins system itself) of slapd
  2. Configure Jenkins with LDAP authentication, and point it to both my local LDAP directory and our organization's directory

See screenshots: "Configure multiple LDAP directories" and "Set up local directory".

By doing so, I'm able to create (within the local LDAP instance) a handful of service accounts, and also utilize my org's LDAP authentication for everything else. (On a side note, I use the "Project-based Matrix Authorization Strategy" to manage authz.)

Setting up a local directory is more effort at the outset, but it solves the problem you are describing -- at least until a better solution is available.

ecs-hk answered Oct 04 '22 04:10
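
The two-directory setup described in the last answer, written as a Jenkins Configuration as Code fragment rather than through the UI. This is an added example, not part of the answer or of the Jenkins project's documentation. It assumes the Configuration as Code and LDAP plugins are installed; every host name, DN, account name and variable name is a constructed placeholder.

```yaml
# Assumption: applied via the Configuration as Code plugin.
# All servers, DNs and secrets below are constructed placeholders.
jenkins:
  securityRealm:
    ldap:
      configurations:
        # 1) Local slapd running on the Jenkins host itself.
        #    Holds only the handful of service / emergency accounts.
        #    Use a loopback address and keep slapd bound to loopback
        #    so the directory is not reachable from the network.
        - server: "ldap://127.0.0.1:389"
          rootDN: "dc=jenkins,dc=local"
          userSearchBase: "ou=service-accounts"
          userSearch: "uid={0}"
          groupSearchBase: "ou=groups"
          managerDN: "cn=jenkins-bind,dc=jenkins,dc=local"
          # Resolved from the environment / secret source, never stored inline.
          managerPasswordSecret: "${LOCAL_LDAP_BIND_PASSWORD}"

        # 2) The organization's directory, used for everyone else.
        #    ldaps:// so binds and searches are encrypted in transit.
        - server: "ldaps://ldap.example.org:636"
          rootDN: "dc=example,dc=org"
          userSearchBase: "ou=people"
          userSearch: "uid={0}"
          groupSearchBase: "ou=groups"
          managerDN: "cn=jenkins-bind,ou=services,dc=example,dc=org"
          managerPasswordSecret: "${ORG_LDAP_BIND_PASSWORD}"
```

Keep the account names in the local directory distinct from those in the organization's directory, so that a login and its matrix permissions can always be traced to a single directory.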