Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-47133

Anonymous binding doesn't retrieve the user groups

    Details

    • Similar Issues:

      Description

      Configuring the Active directory security realm without setting the property Bind DN will cause to fail while retrieving the groups.

      Though you are able to authenticate, if you access to $JENKINS_URL/user/$USERNAME/ you will get an exception like

      sep 26, 2017 1:21:19 PM hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1 call
      WARNING: Failed to retrieve user information for ${USERNAME}
      javax.naming.NamingException: [LDAP: error code 1 - 00002020: Operation unavailable without authentication]; remaining name 'DC=samdom,DC=example,DC=com'
      	at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3175)
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081)
      	at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2888)
      	at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1846)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1769)
      	at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1786)
      	at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
      	at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
      	at hudson.plugins.active_directory.LDAPSearchBuilder.search(LDAPSearchBuilder.java:120)
      	at hudson.plugins.active_directory.LDAPSearchBuilder.searchOne(LDAPSearchBuilder.java:85)
      	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:386)
      	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider$1.call(ActiveDirectoryUnixAuthenticationProvider.java:341)
      	at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4767)
      	at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3568)
      	at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2350)
      	at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2313)
      	at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2228)
      	at com.google.common.cache.LocalCache.get(LocalCache.java:3965)
      	at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4764)
      	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:341)
      	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:304)
      	at hudson.plugins.active_directory.ActiveDirectoryUnixAuthenticationProvider.retrieveUser(ActiveDirectoryUnixAuthenticationProvider.java:226)
      	at hudson.plugins.active_directory.AbstractActiveDirectoryAuthenticationProvider.loadUserByUsername(AbstractActiveDirectoryAuthenticationProvider.java:55)
      	at hudson.plugins.active_directory.ActiveDirectorySecurityRealm.loadUserByUsername(ActiveDirectorySecurityRealm.java:831)
      	at hudson.model.User.impersonate(User.java:256)
      

      and the Jenkins GUI will show the groups field empty.

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              fbelzunc Félix Belzunce Arcos
              Reporter:
              dariver Darío Villadiego
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: