Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-13595

Active Directory authentication when making configuration changes locks out the user operating system IDs of any people identified in the security matrix for that project.

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved (View Workflow)
    • Critical
    • Resolution: Fixed
    • None
    • Running Jenkins as a windows service on a win 2003 server using a master-slave setup.

    Description

      Making changes to configuration of projects triggers an Active Directory validation of the users on that project's security matrix which result in AD locks of users windows IDs. Our AD system is set up to lock any ID that attempts to validate and fails to do so 3 times in a row. Users have to contact help desk to unlock IDs after that.

      I suspect that there might be an issue with Jenkins keeping older passwords internally and this causes locking when authentication attempts occur with the incorrect password. Our system forces password changes every 90 days. Unable to perform any kind of configuration changes for fear of locking out users.

      Rolled back from version 1.26 to 1.24 whch ws previously there and the problem stopped occuring.

      Attachments

        Activity

          alexlombardi alexlombardi created issue -
          alexlombardi alexlombardi made changes -
          Field Original Value New Value
          Description Making changes to configuration of projects triggers an Active Directory validation of the users on that project's security matrix which result in AD locks of users windows IDs. Our AD system is set up to lock any ID that attempts to validate and fails to do so 3 times in a row. Users have to contact help desk to unlock IDs after that.

          I suspect that there might be an issue with Jenkins keeping older passwords internally and this causes locking when authentication attempts occur with the incorrect password. Our system forces password changes every 90 days. Unable t perform any kind of configuration changes for fear of locking ut users.
          Making changes to configuration of projects triggers an Active Directory validation of the users on that project's security matrix which result in AD locks of users windows IDs. Our AD system is set up to lock any ID that attempts to validate and fails to do so 3 times in a row. Users have to contact help desk to unlock IDs after that.

          I suspect that there might be an issue with Jenkins keeping older passwords internally and this causes locking when authentication attempts occur with the incorrect password. Our system forces password changes every 90 days. Unable to perform any kind of configuration changes for fear of locking out users.

          Rolled back from version 1.26 to 1.24 whch ws previously there and the problem stopped occuring.
          scm_issue_link SCM/JIRA link daemon made changes -
          Resolution Fixed [ 1 ]
          Status Open [ 1 ] Resolved [ 5 ]
          rtyler R. Tyler Croy made changes -
          Workflow JNJira [ 144062 ] JNJira + In-Review [ 190887 ]

          People

            Unassigned Unassigned
            alexlombardi alexlombardi
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: