We are running Jenkins CI as a critical application in our organisation.
I've recently set up an openLDAP server and I am looking to migrate all of our applications to this over time. The LDAP configuration for Jenkins works perfectly well in testing and I'm confident I could turn this on in the production environment and it would work as it's meant to. However - I've noticed a list of Jenkins users that aren't local Jenkins accounts, that have made commits to projects, and are actually company github accounts (we allow users to sign up to Jenkins, and I assume that's where these came from, but forgive me if I am wrong as I'm not experienced with Jenkins at all).
What I'd like to do is use the openLDAP server while still allowing these github accounts (and any future ones) to make commits. The obvious way would be if Jenkins allowed you to use multiple authentication realms at once like some other applications do but all documentation online indicates this can't be done. So, does anyone know of a way this could be done that I'm not thinking of?
My environment details:
- Jenkins version 1.650 running on Windows Server 2012 (we run this as a Windows service)
- Jenkins LDAP plugin version 1.11
- openLDAP version 2.4.40 running on Debian 8.2
Thanks in advance.
