Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-45193

LDAP 1.5 hangs and stops querying sources

    Details

    • Type: Bug
    • Status: Open (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Component/s: ldap-plugin
    • Labels:
      None
    • Environment:
      Jenkins 1.625.3
      LDAP Plugin 1.15
      Mailer 1.20
    • Similar Issues:

      Description

      Very randomly (it seems) the LDAP plugin stops responding entirely, sometimes it seems to recover ... mostly not until jenkins is restarted.

      I have had a number of instances where the plugin ceases to contact the LDAP sources that are entered (2 sources separated by space using default 389 port).

      Each time I then try to connect I get a login error, however, at the same time I am running tcpdump and the number of packets being processed is 0.  Successful authentication is about 15 and failed about 30.

      I have even tested running ldapsearch at the same time as tcpdumping the server and logging in to the gui and the ldapsearch is successful while the login fails.  A restart of jenkins will fix this, however, there are zero log entries (/var/log) about the plugin while it is in this state.  

      I am somewhat hamstrung reporting errors as the servers are in a walled environment that I cannot copy/paste or extract logs from.

      Tried with cache and no cache enabled, but it makes no difference overall.

      I've tried optimising the queries with (& (uid={0}) (objectClass=posixaccount) (objectClass=person)) but if its not attempting to reach the LDAP server there isnt much I can do about it.  

      I could really use some way of outputting logs from the ldap plugin to disk to take this further.

      The frustrating thing is that most of the time it works but when it fails it goes for periods of time and having LDAP based service account running some triggered builds from another source means that they fail.

        Attachments

          Activity

          Hide
          oleg_nenashev Oleg Nenashev added a comment -

          In order to set proper expectation, I have unassigned Kohsuke from this tickets.
          Currently there is no Default assignee in the LDAP plugin, any contributions will be appreciated.

          Show
          oleg_nenashev Oleg Nenashev added a comment - In order to set proper expectation, I have unassigned Kohsuke from this tickets. Currently there is no Default assignee in the LDAP plugin, any contributions will be appreciated.

            People

            • Assignee:
              Unassigned
              Reporter:
              kipper Stuart Cooper
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated: