The following settings are reported to work with Active Directory and nested groups, though they should carry a warning that they may impact login performance and they have not been tested for completeness
Version 1.10 (22nd May 2014)
- Turned the group membership lookup into a strategy. There are now two strategies, the default "look up groups containing the user" strategy and an experimental new strategy which looks for an attribute in the user's LDAP record that contains a list of DNs of the groups that the user belongs to. Rumour has it that this second strategy may actually provide faster performance for Active Directory, but as the person who wrote this code does not have an Active Directory instance to test against - until some kind soul tests, confirms and edits this text to remove the assertion that this is a rumour - using the new strategy is Caveat emptor
Version 1.9 (9th May 2014)
- Added some interim hacks to work around JENKINS-22247. Setting the temporary system properties
will enable these hacks. These system properties will be removed in a future version once the core issue has been resolved.
- Modernised the configuration screen Jelly to use current form-binding.
- The manager password is now correctly encrypted using Secret. This is a downgrade breaking change. WARNING! If you upgrade to 1.9 and then downgrade, the manager password may be lost from your configuration.