Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
v_sathyamurthy (2015-04-02 19:00): Hello Folks, I would really appreciate if some one could help me. I have installed jenkins 1.606 on windows,and tried to enable the global security link. I configured everything correctly. When enver I tried to test the login I always brought back to error page. *Invalid login information. Please try again. Try again* *If you are a system administrator and suspect this to be a configuration problem, see the server console output for more details.* My configuration looks like below: useSecuritytrue/useSecurity authorizationStrategy class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/ securityRealm class=hudson.security.LDAPSecurityRealm plugin=ldap@1.6 mailto:ldap@1.6 serverldap://dev-corpldap.com:389/server rootDNdc=mycompany,dc=com/rootDN inhibitInferRootDNfalse/inhibitInferRootDN userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase userSearchuid={0}/userSearch managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN managerPasswordUGFzc3dvcmRAMTIz/managerPassword disableMailAddressResolvertrue/disableMailAddressResolver /securityRealm ... If you are using AcitveDirectory (Windows domain) as LDAP then `userSearch` should be `sAMAccountName={0}`. Also `userSearchBase` might be different. This might vary between installations, but I'm using `CN=Users` and it works fine. Regards, Nux. -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl. For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
PS: Also `managerDN` should simply be a user name prefixed with domain name e.g. `MYCOMPANY\MyUser`. Any user with basic permissions should work. Maciej Jaros (2015-04-23 11:26): v_sathyamurthy (2015-04-02 19:00): Hello Folks, I would really appreciate if some one could help me. I have installed jenkins 1.606 on windows,and tried to enable the global security link. I configured everything correctly. When enver I tried to test the login I always brought back to error page. *Invalid login information. Please try again. Try again* *If you are a system administrator and suspect this to be a configuration problem, see the server console output for more details.* My configuration looks like below: useSecuritytrue/useSecurity authorizationStrategy class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/ securityRealm class=hudson.security.LDAPSecurityRealm plugin=ldap@1.6 mailto:ldap@1.6 serverldap://dev-corpldap.com:389/server rootDNdc=mycompany,dc=com/rootDN inhibitInferRootDNfalse/inhibitInferRootDN userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase userSearchuid={0}/userSearch managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN managerPasswordUGFzc3dvcmRAMTIz/managerPassword disableMailAddressResolvertrue/disableMailAddressResolver /securityRealm ... If you are using AcitveDirectory (Windows domain) as LDAP then `userSearch` should be `sAMAccountName={0}`. Also `userSearchBase` might be different. This might vary between installations, but I'm using `CN=Users` and it works fine. Regards, Nux. -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com mailto:jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl https://groups.google.com/d/msgid/jenkinsci-users/5538BAD6.2010300%40mol.com.pl?utm_medium=emailutm_source=footer. For more options, visit https://groups.google.com/d/optout. MOL sp. z o.o. *Maciej Jaros* e-mail: mac...@mol.com.pl mailto:mac...@mol.com.pl WWW: www.mol.pl http://www.mol.pl/ tel: 58 669 80 90 fax: 58 669 80 91 -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/5538BB72.9020306%40mol.com.pl. For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Victor, The main issue I am facing is not sure if the requet is hitting correctly for ldap call. That is the reason I am trying to set debug unfortunately could not server is starting perfectly with all the right config for ldap setting. Look below: The login screen is not hitting /j_acegi_security_check correctly and everytime leads to error page. === C:\Jenkinsjava -jar jenkins.war Running from: C:\Jenkins\jenkins.war webroot: $user.home/.jenkins Apr 06, 2015 2:54:36 PM winstone.Logger logInternal INFO: Beginning extraction from war file Apr 06, 2015 2:54:36 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: jetty-winstone-2.8 Apr 06, 2015 2:54:38 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: NO JSP Support for , did not find org.apache.jasper.servlet.JspServlet Jenkins home directory: C:\Users\e513788\.jenkins found at: $user.home/.jenkins Apr 06, 2015 2:54:39 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: Started SelectChannelConnector@0.0.0.0:8080 Apr 06, 2015 2:54:39 PM winstone.Logger logInternal INFO: Winstone Servlet Engine v2.0 running: controlPort=disabled Apr 06, 2015 2:54:39 PM jenkins.InitReactorRunner$1 onAttained INFO: Started initialization Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Listed all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Prepared all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Started all plugins Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Augmented all extensions Apr 06, 2015 2:54:40 PM jenkins.InitReactorRunner$1 onAttained INFO: Loaded all jobs Apr 06, 2015 2:54:44 PM org.jenkinsci.main.modules.sshd.SSHD start INFO: Started SSHD at port 63262 Apr 06, 2015 2:54:44 PM jenkins.util.groovy.GroovyHookScript execute INFO: Executing C:\Users\my\.jenkins\init.groovy.d\extralogging.groovy Apr 06, 2015 2:54:45 PM hudson.model.AsyncPeriodicWork$1 run INFO: Started Download metadata before define logger after setting log level:ALL Apr 06, 2015 2:54:45 PM jenkins.InitReactorRunner$1 onAttained INFO: Completed initialization Apr 06, 2015 2:54:45 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@6c1aa804: display name [Root WebApplicationContext]; startup date [Mon Apr 06 14:54:45 EDT 2015]; root of context hierarchy Apr 06, 2015 2:54:45 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@6c1aa804]: org.springframework.beans.factory.support.DefaultListableBeanFactory@2ebb3cc4 Apr 06, 2015 2:54:45 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@2ebb3cc4: defining beans [initialDirContextFactory,bindAuthenticator,ldapUserSearch,authenticationManager,authoritiesPopulator]; root of factory hierarchy Apr 06, 2015 2:54:45 PM org.acegisecurity.ldap.DefaultInitialDirContextFactory setProviderUrl INFO: URL 'ldap://dev-corpldap.com:2389/dc=mycompany,dc=com', root DN is 'dc=mycompany,dc=com' Apr 06, 2015 2:54:45 PM org.acegisecurity.providers.ldap.populator.DefaultLdapAuthoritiesPopulator setGroupSearchBase INFO: groupSearchBase is empty. Searches will be performed from the root: dc=mycompany,dc=com Inside AuthenticationProcessingFilter2 URL=/j_acegi_security_check Apr 06, 2015 2:54:46 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@7839fb04: display name [Root WebApplicationContext]; startup date [Mon Apr 06 14:54:46 EDT 2015]; root of context hierarchy Apr 06, 2015 2:54:46 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@7839fb04]: org.springframework.beans.factory.support.DefaultListableBeanFactory@4bcb5109 Apr 06, 2015 2:54:46 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@4bcb5109: defining beans [filter,legacy]; root of factory hierarchy Apr 06, 2015 2:54:46 PM hudson.WebAppMain$3 run INFO: Jenkins is fully up and running Apr 06, 2015 2:54:46 PM hudson.WebAppMain$3 run INFO: Jenkins is fully up and running Apr 06, 2015 2:55:07 PM hudson.model.AsyncPeriodicWork$1 run == thanks Venkat On Thursday, April 2, 2015 at 2:36:38 PM UTC-4, Victor Martinez wrote: Follow the below steps: -
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello victor, I created the groovy script and noticed it is executing still no luck, I could not see any logs. I am trying to understand is the control is going there are not. Grrovy script: import java.util.logging.ConsoleHandler import java.util.logging.LogManager import java.util.logging.Level def logger = LogManager.getLogManager().getLogger(hudson.security) logger.addHandler (new ConsoleHandler()) logger.setLevel(Level.ALL) Console output === Apr 06, 2015 11:55:48 AM jenkins.util.groovy.GroovyHookScript execute INFO: Executing C:\Users\e513788\.jenkins\init.groovy.d\extralogging.groovy thanks venkat On Thursday, April 2, 2015 at 2:36:38 PM UTC-4, Victor Martinez wrote: Follow the below steps: - https://wiki.jenkins-ci.org/display/JENKINS/Logging - Since that plugin uses loggers: https://github.com/jenkinsci/ldap-plugin/blob/ldap-1.6/src/main/java/hudson/security/LDAPSecurityRealm.java#L796 - Add the below logger: hudson.security I hope it helps :) On Thursday, 2 April 2015 20:05:48 UTC+2, v_sathy...@hotmail.com wrote: Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0bdecc95-18dd-424e-b052-d5e81b018b89%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/537aa4b1-8fc4-4ecf-aa08-85c88d89c789%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Folks, I would really appreciate if some one could help me. I have installed jenkins 1.606 on windows,and tried to enable the global security link. I configured everything correctly. When enver I tried to test the login I always brought back to error page. *Invalid login information. Please try again. Try again* *If you are a system administrator and suspect this to be a configuration problem, see the server console output for more details.* My configuration looks like below: useSecuritytrue/useSecurity authorizationStrategy class=hudson.security.FullControlOnceLoggedInAuthorizationStrategy/ securityRealm class=hudson.security.LDAPSecurityRealm plugin=ldap@1.6 serverldap://dev-corpldap.com:389/server rootDNdc=mycompany,dc=com/rootDN inhibitInferRootDNfalse/inhibitInferRootDN userSearchBaseou=internal,ou=users,dc=mycompany,dc=com/userSearchBase userSearchuid={0}/userSearch managerDNuid=bindid,ou=system,ou=users,dc=mycompany,dc=com/managerDN managerPasswordUGFzc3dvcmRAMTIz/managerPassword disableMailAddressResolvertrue/disableMailAddressResolver /securityRealm Moreover, on the console log I could not see any log related to call going for ldap auth. All I see like below C:\Jenkins C:\Jenkinsjava -jar jenkins.war Running from: C:\Jenkins\jenkins.war webroot: $user.home/.jenkins Apr 02, 2015 12:41:19 PM winstone.Logger logInternal INFO: Beginning extraction from war file Apr 02, 2015 12:41:19 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: jetty-winstone-2.8 Apr 02, 2015 12:41:21 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: NO JSP Support for , did not find org.apache.jasper.servlet.JspServlet Jenkins home directory: C:\Users\e513788\.jenkins found at: $user.home/.jenkins Apr 02, 2015 12:41:22 PM org.eclipse.jetty.util.log.JavaUtilLog info INFO: Started SelectChannelConnector@0.0.0.0:8080 Apr 02, 2015 12:41:22 PM winstone.Logger logInternal INFO: Winstone Servlet Engine v2.0 running: controlPort=disabled Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Started initialization Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Listed all plugins Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Prepared all plugins Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Started all plugins Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Augmented all extensions Apr 02, 2015 12:41:22 PM jenkins.InitReactorRunner$1 onAttained INFO: Loaded all jobs Apr 02, 2015 12:41:27 PM org.jenkinsci.main.modules.sshd.SSHD start INFO: Started SSHD at port 59175 Apr 02, 2015 12:41:27 PM hudson.model.AsyncPeriodicWork$1 run INFO: Started Download metadata Apr 02, 2015 12:41:27 PM jenkins.InitReactorRunner$1 onAttained INFO: Completed initialization Apr 02, 2015 12:41:28 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@60c6fe68: display name [Root WebApplicationContext]; startup date [Thu Apr 02 12:41:28 EDT 2015]; root of context hiera Apr 02, 2015 12:41:28 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@60c6fe68]: org.springframework.beans.factory.support.DefaultListableBeanFactory@457d0e81 Apr 02, 2015 12:41:28 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@457d0e81: defining beans [initialDirContextFactory,bindAuthenticator,ldapUserSearch,authenticatio Apr 02, 2015 12:41:28 PM org.acegisecurity.ldap.DefaultInitialDirContextFactory setProviderUrl INFO: URL 'ldap://dev-corpldap.com:389/dc=mycompany,dc=com', root DN is 'dc=mycompany,dc=com' Apr 02, 2015 12:41:28 PM org.springframework.web.context.support.StaticWebApplicationContext prepareRefresh INFO: Refreshing org.springframework.web.context.support.StaticWebApplicationContext@21306eb2: display name [Root WebApplicationContext]; startup date [Thu Apr 02 12:41:28 EDT 2015]; root of context hiera Apr 02, 2015 12:41:28 PM org.springframework.web.context.support.StaticWebApplicationContext obtainFreshBeanFactory INFO: Bean factory for application context [org.springframework.web.context.support.StaticWebApplicationContext@21306eb2]: org.springframework.beans.factory.support.DefaultListableBeanFactory@6ad0f4d1 Apr 02, 2015 12:41:28 PM org.springframework.beans.factory.support.DefaultListableBeanFactory preInstantiateSingletons INFO: Pre-instantiating singletons in org.springframework.beans.factory.support.DefaultListableBeanFactory@6ad0f4d1: defining beans [filter,legacy]; root of factory hierarchy Apr 02,
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Follow the below steps: - https://wiki.jenkins-ci.org/display/JENKINS/Logging - Since that plugin uses loggers: https://github.com/jenkinsci/ldap-plugin/blob/ldap-1.6/src/main/java/hudson/security/LDAPSecurityRealm.java#L796 - Add the below logger: hudson.security I hope it helps :) On Thursday, 2 April 2015 20:05:48 UTC+2, v_sathy...@hotmail.com wrote: Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/68219ee3-122b-4485-8e1f-e6bd15a86ae2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: LDAP: does not work for jenkins 1.606 with Ldapplugin 1.6
Hello Victor, I tried search for logging and no good help. Moreover I am still struggling to enable as debug so that I can trace the calls. Any helpful links would be much appreciated. thanks Venkat On Thursday, April 2, 2015 at 1:25:02 PM UTC-4, Victor Martinez wrote: I don't know if you already to record those loggers (search for jenkins + logging). Then you can check that LDAP plugin, search for its scm and validate whether it does have any loggers if so you can easily configure to listen debug that plugin. I hope it helps. Sorry if I didn't put any URL but unfortunately I'm with mobile and chrome doesn't let me copypaste ^^ Cheers -- You received this message because you are subscribed to the Google Groups Jenkins Users group. To unsubscribe from this group and stop receiving emails from it, send an email to jenkinsci-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/jenkinsci-users/0c74541c-9619-4590-8ec3-922ad85eaecc%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.