Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-48513

AD Plugin creates partial configuration if error connecting

      The AD plugin checks for connectivity during its initialization:
      https://github.com/jenkinsci/active-directory-plugin/blob/fd842788a91d34cac5061045a2a937353c9b908c/src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java#L302

      Configuring at startup via init.d groovy:

      def instance = Jenkins.getInstance()
      
      println "--> configure LDAP"
      String domain = "server.domain.com"
      String site = "site"
      String server = "server:3268"
      String bindName = "username"
      String bindPassword = 'password'
      
      adrealm = new ActiveDirectorySecurityRealm(domain, site, bindName, bindPassword, server)
      instance.setSecurityRealm(adrealm)
      

      If this fails, it will throw an error at startup but will also create partial configuration, causing havoc:

          <domains>
            <hudson.plugins.active__directory.ActiveDirectoryDomain>
              <name></name>
              <servers>server:3268</servers>
              <bindPassword>{redact}</bindPassword>
            </hudson.plugins.active__directory.ActiveDirectoryDomain>
          </domains>
      

      It creates the block but leaves out bindName whic is not indicitive of a failure. It should either create NO configuration block on failure or add the bindName instead of only leaving out a piece.

          [JENKINS-48513] AD Plugin creates partial configuration if error connecting

          Connectivity might be one issue but I also had to add the following lines in order to make it work on versions 2.6 and 2.8

          adrealm.getDomains().each({
              it.bindName = adrealm.bindName
              it.bindPassword = adrealm.bindPassword
          })
          instance.setSecurityRealm(adrealm)
          instance.save()
          

          Konstantinos Psimoulis added a comment - Connectivity might be one issue but I also had to add the following lines in order to make it work on versions 2.6 and 2.8 adrealm.getDomains().each({ it.bindName = adrealm.bindName it.bindPassword = adrealm.bindPassword }) instance.setSecurityRealm(adrealm) instance.save()

          David Troup added a comment - - edited

          I'm still having this issue on Jenkins 2.121.2 (LTS) and AD 2.8, on CentOS 7.5. It was working until recently.

          I'm also new to groovy and not sure how to implement the above suggestion from KP into the script to fix the issue?

          Any help on this would be greatly appreciated.

          David Troup added a comment - - edited I'm still having this issue on Jenkins 2.121.2 (LTS) and AD 2.8, on CentOS 7.5. It was working until recently. I'm also new to groovy and not sure how to implement the above suggestion from KP into the script to fix the issue? Any help on this would be greatly appreciated.

            fbelzunc FĂ©lix Belzunce Arcos
            myoung34 marc young
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated: