当前位置:网站首页>LDAP application (4) Jenkins access
LDAP application (4) Jenkins access
2022-07-06 08:18:00 【Rain emperor night tears】
LDAP Application articles (4)Jenkins Access
To configure Jenkins Access LDAP You need to be careful , Because once enabled in the configuration LDAP After verifying the user , Previous users will not be able to log in , Include admin Account .
Certificate configuration
If Jenkins adopt ldaps Access , Must be configured separately java Certificate of operating environment . If you use ldap Access Agreement , You can skip this part .
Download and import
Certificate configuration , It only takes two steps , That is, download and import . At the time of import , According to jdk The version location will be slightly different , In especial jdk11 Version above , No more jre Catalog , Please note that !
openssl s_client -connect <address>:636 >> host.crt
keytool -import -trustcacerts -alias <address> -file host1.crt -keystore /usr/java/jdk-17.0.3.1/lib/security/cacerts
When importing certificates , You need to enter the certificate password , The password defaults to : changeit . In fact, I don't know how this came from , It seems that everyone uses it like this ~~~
Some documents will first clear the BEGIN CERTIFICATE and END CERTIFICATE Content , But according to the actual measurement , These operations are not required .
Jenkins Configuration in
Security configuration
Get into Global security configuration in , Fill in the information according to the general operation on the Internet , Note the following two items : User search base And Group search base , Represents the search starting point for users and groups , Don't enter the complete DN Information , Just enter the last section of users and groups ou that will do .
Display Name LDAP attribute One is used to display the user name , But in general posixAccount Account does not have this attribute , It can be changed to cn attribute .
Do not save directly after modification , Be sure to click Test LDAP settings Button , Save after confirmation !!!
Role based matrix authorization
Role based matrix authorization will not be repeated here , Just configured in the previous step LDAP after , It must be here Assign Roles Page Global roles in , Ensure that at least one user has admin role . In this way, the user can be managed normally Jenkins.
Troubleshooting
As mentioned at the beginning , In case of an accident when modifying , Cause unable to log in , It can also be repaired by the following methods . stay Jenkins Look for config.xml file , If the environment variable is configured JENKINS_HOME , The file may be in the specified directory . Open the file , Configure the following content as false :
<useSecurity>flase</useSecurity>
restart Jenkins After service , You will find that the system allows anonymous login , And you can do anything .
Reference material
边栏推荐
- NFT smart contract release, blind box, public offering technology practice -- jigsaw puzzle
- matplotlib. Widgets are easy to use
- wincc7.5下载安装教程(Win10系统)
- synchronized 解决共享带来的问题
- Analysis of pointer and array written test questions
- 22. Empty the table
- leetcode刷题 (5.28) 哈希表
- [2022 广东省赛M] 拉格朗日插值 (多元函数极值 分治NTT)
- Introduction to number theory (greatest common divisor, prime sieve, inverse element)
- hcip--mpls
猜你喜欢
C language - bit segment
Use Alibaba icon in uniapp
07- [istio] istio destinationrule (purpose rule)
Asia Pacific Financial Media | art cube of "designer universe": Guangzhou community designers achieve "great improvement" in urban quality | observation of stable strategy industry fund
synchronized 解决共享带来的问题
A Closer Look at How Fine-tuning Changes BERT
Asia Pacific Financial Media | "APEC industry +" Western Silicon Valley invests 2trillion yuan in Chengdu Chongqing economic circle to catch up with Shanghai | stable strategy industry fund observatio
The resources of underground pipe holes are tight, and the air blowing micro cable is not fragrant?
21. Delete data
3. File operation 3-with
随机推荐
The Vice Minister of the Ministry of industry and information technology of "APEC industry +" of the national economic and information technology center led a team to Sichuan to investigate the operat
On why we should program for all
C语言 - 位段
It's hard to find a job when the industry is in recession
Ruffian Heng embedded bimonthly, issue 49
Go learning notes (3) basic types and statements (2)
C language - bit segment
Migrate data from SQL files to tidb
Nacos Development Manual
华为云OBS文件上传下载工具类
3. File operation 3-with
ROS learning (IX): referencing custom message types in header files
How to use information mechanism to realize process mutual exclusion, process synchronization and precursor relationship
649. Dota2 Senate
[research materials] 2021 China online high growth white paper - Download attached
[research materials] 2021 Research Report on China's smart medical industry - Download attached
Easy to use tcp-udp_ Debug tool download and use
CAD ARX 获取当前的视口设置
A Closer Look at How Fine-tuning Changes BERT
Remote storage access authorization