[JIRA] (JENKINS-13595) Active Directory authentication when making configuration changes locks out the user operating system IDs of any people identified in the security matrix for that project.

Thu, 26 Apr 2012 13:28:26 -0700 

    [ 
https://issues.jenkins-ci.org/browse/JENKINS-13595?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=162100#comment-162100
 ] 

Kohsuke Kawaguchi commented on JENKINS-13595:
---------------------------------------------

Hmm, I still suspect you are using "64bit code path", which uses 
{{ActiveDirectoryUnixAuthenticationProvider}} instead of 
{{ActiveDirectoryAuthenticationProvider}}.

Perhaps you specify a custom domain name? Does any stack trace report 
{{ActiveDirectoryUnixAuthenticationProvider}}?
                
> Active Directory authentication when making configuration changes locks out 
> the user operating system IDs of any people identified in the security matrix 
> for that project.
> ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: JENKINS-13595
>                 URL: https://issues.jenkins-ci.org/browse/JENKINS-13595
>             Project: Jenkins
>          Issue Type: Bug
>          Components: active-directory
>    Affects Versions: current
>         Environment: Running Jenkins as a windows service on a win 2003 
> server using a master-slave setup.
>            Reporter: alexlombardi
>            Priority: Critical
>             Fix For: current
>
>
> Making changes to configuration of projects triggers an Active Directory 
> validation of the users on that project's security matrix which result in AD 
> locks of users windows IDs. Our AD system is set up to lock any ID that 
> attempts to validate and fails to do so 3 times in a row. Users have to 
> contact help desk to unlock IDs after that.
> I suspect that there might be an issue with Jenkins keeping older passwords 
> internally and this causes locking when authentication attempts occur with 
> the incorrect password. Our system forces password changes every 90 days. 
> Unable to perform any kind of configuration changes for fear of locking out 
> users.
> Rolled back from version 1.26 to 1.24 whch ws previously there and the 
> problem stopped occuring.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.jenkins-ci.org/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to