Closed rgov closed 2 years ago
I'm not even sure how the "Azure User/group to add" field is trying to look up names with AD. I do not see any XHRs or traffic going to the backend.
This problem is still not resolved - it is present in plugin version [442.v355cca_6b_c169]
Jenkins and plugins versions report
Environment
```text Jenkins: 2.346.2 OS: Linux - 5.15.0-43-generic --- ace-editor:1.1 ant:475.vf34069fef73c antisamy-markup-formatter:2.7 apache-httpcomponents-client-4-api:4.5.13-138.v4e7d9a_7b_a_e61 azure-ad:241.vb_e5cd7c35b_2e azure-sdk:118.v43f74dd9ca_dc bootstrap5-api:5.1.3-7 bouncycastle-api:2.26 branch-api:2.1046.v0ca_37783ecc5 build-timeout:1.21 caffeine-api:2.9.3-65.v6a_47d0f4d1fe checks-api:1.7.4 cloudbees-folder:6.740.ve4f4ffa_dea_54 command-launcher:84.v4a_97f2027398 credentials:1139.veb_9579fca_33b_ credentials-binding:523.vd859a_4b_122e6 display-url-api:2.3.6 durable-task:496.va67c6f9eefa7 echarts-api:5.3.3-1 email-ext:2.91 font-awesome-api:6.1.1-1 git:4.11.4 git-client:3.11.1 github:1.34.5 github-api:1.303-400.v35c2d8258028 github-branch-source:1677.v731f745ea_0cf gradle:1.39.4 handlebars:3.0.8 jackson2-api:2.13.3-285.vc03c0256d517 jakarta-activation-api:2.0.0-3 jakarta-mail-api:2.0.0-6 javax-activation-api:1.2.0-4 javax-mail-api:1.6.2-7 jaxb:2.3.6-1 jdk-tool:55.v1b_32b_6ca_f9ca jjwt-api:0.11.5-77.v646c772fddb_0 jquery3-api:3.6.0-4 jsch:0.1.55.2 junit:1119.1121.vc43d0fc45561 ldap:2.11 mailer:435.v79ef3972b_5c7 matrix-auth:3.1.5 matrix-project:772.v494f19991984 mina-sshd-api-common:2.8.0-36.v8e25ce90d4b_1 mina-sshd-api-core:2.8.0-36.v8e25ce90d4b_1 momentjs:1.1.1 okhttp-api:4.9.3-105.vb96869f8ac3a pam-auth:1.8 pipeline-build-step:2.18 pipeline-github-lib:38.v445716ea_edda_ pipeline-graph-analysis:195.v5812d95a_a_2f9 pipeline-groovy-lib:612.v84da_9c54906d pipeline-input-step:449.v77f0e8b_845c4 pipeline-milestone-step:101.vd572fef9d926 pipeline-model-api:2.2114.v2654ca_721309 pipeline-model-definition:2.2114.v2654ca_721309 pipeline-model-extensions:2.2114.v2654ca_721309 pipeline-rest-api:2.24 pipeline-stage-step:293.v200037eefcd5 pipeline-stage-tags-metadata:2.2114.v2654ca_721309 pipeline-stage-view:2.24 plain-credentials:139.ved2b_9cf7587b plugin-util-api:2.17.0 popper2-api:2.11.5-2 resource-disposer:0.19 scm-api:620.v0a_5b_1f8054c0 script-security:1175.v4b_d517d6db_f0 snakeyaml-api:1.30.2-76.vc104f7ce9870 ssh-credentials:295.vced876c18eb_4 ssh-slaves:1.834.v622da_57f702c sshd:3.242.va_db_9da_b_26a_c3 structs:324.va_f5d6774f3a_d timestamper:1.18 token-macro:308.v4f2b_ed62b_b_16 trilead-api:1.67.vc3938a_35172f variant:59.vf075fe829ccb workflow-aggregator:590.v6a_d052e5a_a_b_5 workflow-api:1188.v0016b_4f29881 workflow-basic-steps:986.v6b_9c830a_6b_37 workflow-cps:2759.v87459c4eea_ca_ workflow-durable-task-step:1199.v02b_9244f8064 workflow-job:1207.ve6191ff089f8 workflow-multibranch:716.vc692a_e52371b_ workflow-scm-step:400.v6b_89a_1317c9a_ workflow-step-api:639.v6eca_cd8c04a_a_ workflow-support:833.va_1c71061486b_ ws-cleanup:0.42 ```What Operating System are you using (both controller, and any agents involved in the problem)?
Linux
Reproduction steps
Configure the Azure AD app registration following the official instructions with
User.Read.All
,Group.Read.All
, andPeople.Read
Graph API permissions.Configure authentication with Azure AD and "logged-in users can do anything" authorization. Confirm that this works. Confirm that Jenkins user profile shows the AD principal name and group membership information.
Change authorization to "Azure Active Directory Matrix-based security". Use the field to add permissions for a new Azure user/group.
Expected Results
It should autocomplete the name of the user/group I am adding permissions for, and let me then assign permissions to this user/group.
Actual Results
It always says "We didn't find any matches" no matter what I enter (user display name, user principal name, group names, UUIDs, etc.)
Anything else?
No response