We have a Jenkins box that use OpenDJ as the LDAP authenticator. And recently we migrated the ldif data from the old OpenDJ to a new OpenDJ server, and reconfigured the Jenkins to use the new box. After that, the Jenkins authentication stops working.
I noticed this message in the Jenkins log. It looks like the LDAP search hits some hard limits.
LDAP: error code 11 – This search operation has checked the maximum of 5000 entries for matches]
It turns out that by default OpenDJ has 5,000 limit against the lookthrough-limit. So I changed it in the properties of the Global Configuration to unlimited (0) by using dsconfig. The LDAP authentication works again after the change 😉