Setting up security

[John E Peterson]

Before I break anything, I need to clarify something about setting up Active Directory authentication.

Actually setting up the domain seems straight forward.  But...

It asks for a backup user (Jenkins Own Directory), so I type in jpeterson.  Ok?  I have been using NO security.  So, how does it know who I am or what my password would be for this?

I also don't want ALL domain users to be able to access this.  Only a "group".  I assume this is configured under the matrix area?  I get two long sections - unauthorized user (if I require authentication, why does this even show?) and administrator.  I assume I want ALL checksmarks for administrator.  But, how does it KNOW me@mydomain is an admin?  Where is that configured if nothing has ever been configured before?

It also asks for a group.  Is this an AD authentication group?  Such as Jenkins_Users and Jenkins_Admins?  And then it determines by which AD group people are in which permissions they get?

There needs to be a clear instruction manual on step-by-step for this as this is such a critical function and if you screw up, you can't get back in and have to restore a backup.

Bottom line:

I want to (first time) setup security.

I want me (jpeterson) to be the backup user in Jenkins Own Directory (which I have never added anybody)

I want to be able to have two AD authenticated sets of users - Jenkins_Users and Jenkins_Admins so I can limit permissions for the Users.  But not clear if this is setup intneral to Jenkins or via AD groups.

Thanks

Note - I assume that:

Domain Name, Domain Controller are as expected

Site is an arbitrary name I give?

Bind ID and Bind PWD are the authorized domain admin credentials?

Once again, there is no real instructional setup help even on the plugin page.