Validating Jenkins and Active Directory

We are trying to configure Jenkins to automate the assembly. We have been using Hudson for a long time, but now we are moving to Jenkins because of support for Active Directory authentication. The AD plugin is already installed: https://wiki.jenkins-ci.org/display/JENKINS/Active+Directory+plugin

As far as I can see, Jenkins is trying to connect to the AD server, but receives the message "socket is closed." Here is part of the stack trace:

Failed to test the validity of the user name <SOMEUSER>
org.acegisecurity.BadCredentialsException: Failed to retrieve user information for <SOMEUSER>; nested exception is javax.naming.ServiceUnavailableException: <SOMENAME>.<SOMENAME>:636; socket closed; remaining name 'DC=<SOMENAME>,DC=<SOMENAME>'
    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:306)
    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:190)
    at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:134)
    at hudson.plugins.active_directory.AbstractActiveDirectoryAuthenticationProvider.loadUserByUsername(AbstractActiveDirectoryAuthenticationProvider.java:30)

I am 100% sure that the credentials are correct. The server that runs Jenkins is in the domain, so everything is fine from now on. I believe Jenkins is hiding some error messages, so I cannot pinpoint the problem ...

+4
1 answer

Under Manage Jenkins > Configure System:

  • Enable security
  • Security Realm = Active Directory
  • Enter your "domain name"
  • Click "Advanced" on the right side (just under the (?) button)
  • Add Domain Controller
  • In the Site section: add the necessary information (OU=<>, DC=<>, etc.) - as much as you want - we have 5 units and 3 DC fields
  • Add the bind user to the Bind DN field (ours is something like CN=, OU=, DC=, DC=, DC=)
  • Add your bind password in the Bind password field

Once you have set all of this (or as much as you need), click the Test button (it should be under the Bind Password field, on the right next to the (?) help buttons).

Let me know if you don’t see them.

+ ================================================== ================ +

Edit:

For the Bind username, you can try the following:

CN=, OU=SMTH, OU=SMTH, OU=SMTH, OU=SMTH, DC=SMTH, DC=SMTH, DC=SMTH

where is the LDAP service name, or bind the service name. I did not see

CN=SECOND_NAME\, FIRST_NAME - USER_ID

before (not to say that this is wrong, just unknown to me). So something like

CN=MY LDAP SVC account,OU=SMTH,OU=services,OU=accounts,OU=mine,DC=domain,DC=com

+5
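
The Bind DN forms discussed in the answer's edit, checked in an added Python example (not from the original answer or the Active Directory plugin): it splits a DN on unescaped commas, as RFC 4514 escaping requires, so `\,` inside a CN stays part of the name, and it flags a dropped comma between components. The function names and sample DNs are constructed for illustration; multi-valued RDNs (`+`) and quoted values are not handled.

```python
import re

def split_dn(dn):
    """Split a DN into (attribute, value) pairs; a backslash-escaped comma stays in the value."""
    parts, buf, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf += dn[i:i + 2]          # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":                # unescaped comma ends one component
            parts.append(buf)
            buf = ""
        else:
            buf += dn[i]
        i += 1
    parts.append(buf)
    rdns = []
    for part in parts:
        attr, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"component without '=': {part.strip()!r}")
        rdns.append((attr.strip().upper(), value.lstrip()))
    return rdns

def check_bind_dn(dn):
    """Return findings that suggest the DN was mistyped (empty list = nothing found)."""
    try:
        rdns = split_dn(dn)
    except ValueError as exc:
        return [str(exc)]
    findings = []
    for attr, value in rdns:
        if not value:
            findings.append(f"{attr} has an empty value")
        elif re.search(r"\s(CN|OU|DC)\s*=", value, re.I):
            # an attribute name inside a value usually means a dropped comma
            findings.append(f"missing comma inside {attr}={value!r}")
    if not any(attr == "DC" for attr, _ in rdns):
        findings.append("no DC components")
    return findings

# Constructed sample DNs (placeholders, not real accounts)
SAMPLES = [
    r"CN=SECOND_NAME\, FIRST_NAME - USER_ID,OU=accounts,DC=domain,DC=com",
    "CN=MY LDAP SVC account,OU=services,OU=accounts,DC=domain,DC=com",
    "CN=svc,OU=SMTH DC=domain DC=com",
]

if __name__ == "__main__":
    for dn in SAMPLES:
        print(dn, "->", check_bind_dn(dn) or "ok")
```
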