Issue
-
Login with Active directory plugin doesn’t work
-
You are getting the stacktrace below:
Caused by: javax.naming.NamingException: LDAP response read timed out, timeout used:-1ms.; remaining name 'DC=example,DC=com'
Resolution
This issue is due JDK-8062947.
As a result of the JDK bug mentioned above the plugin is not able to fallback to the recursive group lookup strategy.
The workaround at the moment is in your AD configuration in Jenkins to set the Group Membership Lookup Strategy as seen below:
If you cannot access to the UI because of this issue, navigate to $JENKINS_HOME
, and modify the config.xml
file section:
<groupLookupStrategy>AUTO</groupLookupStrategy>
to
<groupLookupStrategy>RECURSIVE</groupLookupStrategy>