Issue

• When managing user permissions, a user might set a permission wrong and lose access when using their main administrator account. Regaining access can be done in a few steps.
• global security needs to be changed, unable to login as administrator

Environment

• CloudBees Core on modern cloud platforms - Managed Master
• CloudBees Core on modern cloud platforms - Operations Center
• CloudBees Core on traditional platforms - Client Master
• CloudBees Core on traditional platforms - Operations Center
• CloudBees Jenkins Enterprise - Managed Master
• CloudBees Jenkins Enterprise - Operations Center
• CloudBees Jenkins Platform - Client Master
• CloudBees Jenkins Platform - Operations Center
• CloudBees Jenkins Distribution
• Jenkins LTS

Resolution

1) Stop Jenkins

2) Edit the config.xml file in the JENKINS_HOME folder and locate this line:

  <useSecurity>true</useSecurity>

Set the value to false

3) Start Jenkins

4) If you don’t know your admin password when using Jenkins’ own user database for your Security Realm, go to:

JENKINS_URL/user/admin/configure

to set the new admin password.

5) Now go to Manage Jenkins -> Configure Global Security and choose your Security Realm and Authorization settings to re-enable security.

Note: an alternative to step 2 is to restore a known good configuration of JENKINS_HOME/config.xml from a backup that was taken immediately before the Configure Global Security changes were done that caused the issue. We recommmend you do a diff of the current content of JENKINS_HOME/config.xml and the version from the backup before you replace it, to ensure you understand what you are reverting.