为了方便用户管理,通过ldap集中式认证,让Gitlab和Jenkins都接入,这样就省去每个系统都是要创建用户的麻烦了。上一篇Jenkins整合ldap认证的文章中有网友发邮件说了,配置不当导致Jenkins无法登陆,可能文章未能详细说明。
运维人员都会有这样的操作,修改任何配置文件前都会来一个备份。就是确保万一出错了可以回到之前的状态。所以建议就是Jenkins配置的问题,特别是这个登陆认证的配置,一搞错了就无法登陆。甚至无法正常访问到系统。
默认Centos7使用rpm安装的目录为:/var/lib/jenkins/
备份配置文件:config.xml
[root@jenkins ~]# cp /var/lib/jenkins/config.xml{,$(date +%F)} [root@jenkins ~]# ls /var/lib/jenkins/config.xml config.xml config.xml2019-06-12
然后在config.xml配置文件中找到这段关于ldap认证的信息:
<securityRealm class="hudson.security.LDAPSecurityRealm" plugin="[email protected]"> <disableMailAddre***esolver>false</disableMailAddre***esolver> <configurations> <jenkins.security.plugins.ldap.LDAPConfiguration> <server>ldap://XXXXXX.com:389</server> <rootDN>dc=XXXXXX,dc=com</rootDN> <inhibitInferRootDN>false</inhibitInferRootDN> <userSearchBase></userSearchBase> <userSearch>uid={0}</userSearch> <groupMembershipStrategy class="jenkins.security.plugins.ldap.FromGroupSearchLDAPGroupMembershipStrategy"> <filter>cn=jenkins</filter> </groupMembershipStrategy> <managerDN>uid=jarry,ou=People,dc=XXXXXX,dc=com</managerDN> <managerPasswordSecret>{AQAAABAAAAAQWfZrb7qoIjewuj3SK/z53/oRo86cW5wi/t07QeW/4mM=}</managerPasswordSecret> <displayNameAttributeName>uid</displayNameAttributeName> <mailAddressAttributeName>mail</mailAddressAttributeName> <ignoreIfUnavailable>false</ignoreIfUnavailable> <extraEnvVars class="linked-hash-map"> <entry> <string></string> <string></string> </entry> </extraEnvVars> </jenkins.security.plugins.ldap.LDAPConfiguration> </configurations> <userIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/> <groupIdStrategy class="jenkins.model.IdStrategy$CaseInsensitive"/> <disableRolePrefixing>true</disableRolePrefixing> </securityRealm>
上面的配置不当导致了无法通过ldap认证,而且导致jenkins也无法正常登陆了,可以把上面一段修改成以下样子:
<securityRealm class="hudson.security.HudsonPrivateSecurityRealm"> <disableSignup>false</disableSignup> <enableCaptcha>false</enableCaptcha> </securityRealm>
文章来源:https://www.58jb.com/html/jenkins_ldap_login_failure.html
转载于:https://blog.51cto.com/2305427/2408243