-
Bug
-
Resolution: Not A Defect
-
Major
-
Ubuntu Server 11.04 32 bits(jenkins server), Windows XP sp3 32 bits (client), Jenkins version 1.480.3, Active directory plugin version 1.33, Role strategy plugin version 1.1.2
Hello everyone
I'm totally lost in this moment.
It's my first approach to Jenkins and I need to figure out if it's possible to combine both plugins named above.
When we configured Jenkins at the beginning, we used "Jenkins's own user database" (for security realm) and "Matrix-Based security" (for authorization). So we could create an give permissions to user manually. That was fine, but we are a big number of users, and it takes a lot of time to set up every user manually. So we try something "better".
We change Access control configuration. For Security realm, now we use "Active directory" (it should be ok, because we use the same for other systems/programs) so every user can access using the "user" and "password" of corporative e-mail account. And for Authorization we use "Role-Based Strategy", so instead of giving specific permission user by user, we created "groups" (e.g. admin, developer, visitor, etc.) and every user is assigned to a group, and we give different permission to different groups.
With this, the first problem was, when we logged in, we have no permissions (just read) and nobody had admin permission. Trying to solve this issue, I access to Jenkins "config.xml" file and set up one admin.
I logged in with this admin account, and I got access to everything, but when I went to the users list(Manage and assign Roles -> Assign role), it was empty, just my name were there but with a red error message: "Failed to test the validity of the user name " and a link saying "show details". I pressed the link an got the following: (see stacktrace1.txt)
After making some research I found this page https://wiki.jenkins-ci.org/display/JENKINS/Active+Directory+plugin and followed the instructions of "Troubleshooting", then I got this: (see stacktrace2.txt)
So I don't know how to fix this, I've searched on the web but I didn't find information about using these two plugins together.
Can somebody help me? More information is needed?
Hope you can help me
- is related to
-
-
- Open
-
[JENKINS-18906] Problem with Active Directory plugin and Role-Based Strategy plugin working together
Angelo Cordova
added a comment - Thanks for your answer.
You are right. We have been working, even with that error message, but everything goes perfect. We can create jobs, assign different roles to different users, log-in with appropriate profile, execute builds, etc.
Btw, we're already using LDAP.
Thanks for your help!!!
Angelo Cordova
added a comment - Thanks for your answer.
You are right. We have been working, even with that error message, but everything goes perfect. We can create jobs, assign different roles to different users, log-in with appropriate profile, execute builds, etc.
Btw, we're already using LDAP.
Thanks for your help!!! No problem. I've finally configured default assignee for this plugin, so there won't be 1-month delay in future 
Hello,
> With this, the first problem was, when we logged in, we have no permissions (just read) and nobody had admin permission
By default, plugin grants admin permissions to the user, who has configured Jenkins to use this security plugin
> I logged in with this admin account, and I got access to everything, but when I went to the users list(Manage and assign Roles -> Assign role), it was empty, just my name were there but with a red error message: "Failed to test the validity of the user name "
It is a well-known issue (https://issues.jenkins-ci.org/browse/JENKINS-14057). I recommend LDAP plugin (Active directory has built-in support of LDAP, just contact your admins). BTW, validation errors don't affect operation of the plugin (it affects web interface only + there are several issues with groups).
Best regards,
Oleg Nenashev