We are trying to migrate our jenkins install into AWS and there seems to be some strange things happening when we restore a thinbackup.  It is changing the 

Our production system is Jenkins 2.86 running on RHEL 7 and using Active Directory for authentication.

I spin up a new Ubuntu 16 instance on AWS, install Jenkins 2.86 and get it running.

I install ThinBackup and copy a full backup from our old server to the new one.  Then I start a restore with "restore plugins" checked.  After the restore is completed, I try to log in to the new server, and the login fails.

Examining the logs, the bind to the Active Directory is failing.

A diff of the config.xml shows that three things have changed:

The <bindPassword> entry under       <hudson.plugins.active__directory.ActiveDirectoryDomain>

The <privateKey> entry under <hudson.plugins.ec2.EC2Cloud plugin="ec2@1.37">

The  <hudson.plugins.git.GitBranchSpecifierColumn plugin="git@3.6.4"/> column in a     <listView>.

I switch off security, restart Jenkins, then in the web interface turn security back on and reactivate the Active Directory authentication with the same bind username and password on our production server.  Authentication works after that, and the <bindPassword> stored in the config.xml is different than the one on the original server.

If this was just a matter of turning security off and on again it would be easy to deal with.  Unfortunately turning off security wipes our matrix authentication as well.