Issue
- Changes to Identity Management Provider have locked out access to CJOC
- No access to CJOC
Environment
- CloudBees Jenkins Enterprise (CJE) - AWS/OpenStack/Anywhere
- CloudBees Jenkins Enterprise - Managed Master (CJE-MM)
- CloudBees Jenkins Enterprise - Operations Center (CJE-OC)
Resolution
Authentication for CJOC can be removed, if needed, by editing the config.xml file. However, in CJE additional steps are needed to ensure that changes are saved and restart is handled correctly.
1) Connect to the worker
First, on the bastion host, run cje run find-worker-for cjoc
to find out in which worker the container is running. In the following example it would be worker-2
for CJOC. Then connect into the worker with
dna connect worker-2
2) Disable Security
- Go to
/mnt/cjoc/<containerid>
in the file system and findconfig.xml
file. - Open
config.xml
file in thevi
editor. - Look for the
<useSecurity>true</useSecurity>
element in this file. - Replace
true
withfalse
. - Save the changes and exit.
4) Restart CJOC
- Restart the CJOC container, i.e. on the bastion host run -
dna stop cjoc
anddna start cjoc
.
2 Comments