How to integrate Jenkins with Google LDAP service

[Alex Domoradov]

Hello,

Does anyone has successes in such kind of integration? Because Google LDAP service requires certificate authentication I can't point Jenkins directly to the ldaps://ldap.google.com. I have tried to use stunnel but without success.

Jenkins: 2.150.2

LDAP plugin: 1.20

Jenkins settings

https://i.imgur.com/rShdcmR.png

https://i.imgur.com/RC0crE9.png

172.17.0.1 is the address of stunnel. I use the following config with stunnel

# cat /etc/stunnel/ldap.conf 
[ldap]
client = yes
accept = 127.0.0.1:389
connect = ldap.google.com:636
cert = /etc/stunnel/gldap.crt
key = /etc/stunnel/gldap.key

Also I have tried to import google certificate and private key to my own keystore

$ openssl pkcs12 -export -out ldap.google.com.pkcs12 \

-inkey gldap.key -in gldap.crt

$ keytool -v -importkeystore -srckeystore ldap.google.com.pkcs12 \

-srcstoretype PKCS12 -destkeystore cacerts -deststoretype JKS

and point Jenkins to it
-Djavax.net.ssl.keyStore=/var/jenkins_home/.cacerts/cacerts -Djavax.net.ssl.keyStorePassword=changeit

But without success. Did I miss something?

[Alex Domoradov]

Any advise?

[Mukesh Yadav]

Hello Alex 
do you get any success in jenkins integration with stunnel?

Your feedback matters - At Knoldus we aim to be very professional in our quality of work, commitment to results, and proactive communication. If you feel otherwise please share your feedback and we would work on it. 

[Ludovic Perrier]

Dear all,

I have configure my stunnel and it's working with testing connectivity as describe here https://support.google.com/a/answer/9190869?hl=en with ldp.exe on windows

But as previous message, i can't connect with jenkins, I tried lots of parameters but nothing, please someone can give a sample of this fields for jenkins or other app:

root DN

User search base

User search filter

Manager DN

Manager Password

And to the end, what field do you use as user to login?

Thanks