- The log-in process is very slow
- Jenkins takes too much time to recognize the AD groups
- I am able to log-in on Jenkins
- AD groups are recognized by Jenkins
- In /whoAmI AD groups appear
Try with Token-Groups user attribute
Unfortunately, for the moment the AD plugin does not allow you to restrict Groups lookup on the same way you can do it with the LDAP plugin, however on the other hand in case your AD set-up only relies on Security Groups, and not Distribution Groups - which most of the cases happens, then you can try to use Group Membership Strategy → Token-Groups user attribute which should have a very big improvement when discovering groups.
Try removing irrelevant groups with the Recursive group queries
Makes Jenkins ignore every user’s Active Directory groups that are not being used by the active Authorization Strategy. This can significantly improve performance in environments with a large number of groups but a small number of corresponding rules defined by the Authorization Strategy.
- Note: this setting may be incompatible with some Authorization Strategies.
Enable the cache
This is one of the options which might increase the performance of your Jenkins instance when there are consecutive lookups. Enable this option is totally recommended.