Closed edvegas closed 3 years ago
Can you use the issue template please (this includes things like the plugin version and Jenkins version)?
Is there any errors in your browser console?
thanks @timja , updated
I can't reproduce this.
Does 'Verify application' work?
Is there anything in the browser console?
Have you saved the authentication settings and refreshed the page once before trying to set the authorization settings?
Yes, I successfully verified application (including principal ID which you added in recent version).
I saved authentication settings and refreshed the page, even fully restarted jenkins.
I can only see following info log in jenkins logs:
Azure Identity => getToken() result for scopes [https://graph.microsoft.com/.default]: SUCCESS
No logs in console once I press "Add" button, I even tried to reinstall jenkins, no success. Is it possible to enable detailed logs somehow?
If not, I'll use Matrix-based authorization and add each user manually after their first login
Any chance you can record a short video showing it?
Just so I understand exactly what you're doing
and I assume all your plugins are up to date?
Greetings, We are also experiencing problems,I show my versions: Jenkins version: 2.288 Azure ad plugin: 154.v12e17a5f9ea3 Also all plugins are up to date.
The verification/connection with Azure is correct, the authenticated users are still logged in with their permissions specified in Matrix, plus the admin users, but I want to add a new admin user and simply the "Add" button does not work, when I search for the user I get the list of users, I select it but when I hit the "Add" button, it simply does nothing, there are no errors in the browser console. Thanks for your help
@timja can't do video, but here is 3 screenshots with steps
all plugins (i have new installation with only Azure AD and Matrix-based security plugins) are up to date
connection - verifying connection ok
search - search and autocompletion ok
problem - select user and press Add - no reaction from UI
Thanks, I'll try reproduce again later on. I'm wondering if adding the role strategy plugin has something to do with it =/
What browser are you using?
I have exactly the same problem. Jenkins 2.288 Azure AD Plugin 154.v12e17a5f9ea3 Azure Commons Plugin 1.1.3
What browser?
Both on Firefox and Google Chrome. Running Ubuntu 20.04.2
Re-produced it with the above plugin set, can't reproduce in isolation, looking into it.
As an extra; I was also unable to get the grouplisting for AD groups. I had to add 'Azure Active Directory Graph' permission. After that I was able to get AD grouplists again. But the problem with the 'Add' button still existed
You need 'User.Read.All' and 'Group.Read.All' from Microsoft Graph
We now have this
We modified like you advised. But for the "add" button issue it didn't make any difference. But that's probably not expected anyway by you
We are having the same problem with the "Add" button.
Thanks for your help
I've reproduced you can add a :+1: to the top comment rather than adding more comments
Caused by https://github.com/jenkinsci/azure-ad-plugin/pull/119
Haven't managed to isolate the specific problem yet
Fix in https://github.com/jenkinsci/azure-ad-plugin/pull/122, should be released in the next hour or less depending on how long CI takes
awesome! confirm button works now
It's working again Thank you!
I indeed can use the 'add' button again. But it's still throwing errors.
2021-04-15 17:28:23.587+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386Error message: Resource 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' does not exist or one of its queried reference-property objects are not present. 2021-04-15 17:28:23.588+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386 2021-04-15 17:28:23.588+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386GET https://graph.microsoft.com/v1.0/users/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx 2021-04-15 17:28:23.588+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386SdkVersion : graph-java/v3.2.0 2021-04-15 17:28:23.589+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386 2021-04-15 17:28:23.589+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386 2021-04-15 17:28:23.590+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386404 : Not Found 2021-04-15 17:28:23.590+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386[...] 2021-04-15 17:28:23.591+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386 2021-04-15 17:28:23.591+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: CoreHttpProvider[sendRequestInternal] - 386[Some information was truncated for brevity, enable debug logging for more details] 2021-04-15 17:28:23.591+0000 [id=9] SEVERE c.m.graph.logger.DefaultLogger#logError: Throwable detail: com.microsoft.graph.http.GraphServiceException: Error code: Request_ResourceNotFound Error message: Resource 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' does not exist or one of its queried reference-property objects are not present.
GET https://graph.microsoft.com/v1.0/users/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx SdkVersion : graph-java/v3.2.0
If that's in your server logs then that's a known issue where we don't know if it's a user or a group, so we have to lookup both, and it logs a 404 as severe. Either an SDK issue or some customising needs doing. unrelated to this issue
Version report
Jenkins and plugins versions report:
Reproduction steps
I'm able to search and find users and groups, but when I select them and press "Add" button in Azure Active Directory Matrix-based security authorization, nothing happens. No errors in jenkins logs and browser console.
Results
Expected result:
Selected user or group is added to matrix
Actual result:
Nothing happens