Home > Net >  Rundeck config file not found when service starts up
Rundeck config file not found when service starts up

Time:12-24

I have installed RD 4.8 CE on a Windows 2019 server MariaDB. The application is up and I can login with the admin account. Service is Windows integrated.

I'm trying now to allow AD users to login and perform activities. I haven't found much documentation on how to configure RD on Windows. So I'm grabbing from here and there. So far I have done the following:

Created a file called jass-multiauth.conf in server/config/ folder as listed below:

multiauth {
    com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule sufficient
    debug="true"
    contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
    providerUrl="ldaps://xxxxxxxxxxx:636"
    bindDn="CN=xxxxxx,OU=Service Accounts,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
    bindPassword="x$xx<x>xx"
    authenticationMethod="simple"
    forceBindingLogin="true"
    userBaseDn="OU=Admin Users,OU=Admin Users and Groups,OU=xxx,DC=xxx,DC=xxx,DC=xxx"
    userRdnAttribute="sAMAccountName"
    userIdAttribute="sAMAccountName"
    userPasswordAttribute="unicodePwd"
    userObjectClass="user"
    roleBaseDn="OU=Groups,OU=Admin Users and Groups,OU=xxxx,DC=xxx,DC=xxx,DC=xxx"
    roleNameAttribute="cn"
    roleMemberAttribute="member"
    roleObjectClass="group"
    cacheDurationMillis="300000"
    timeoutRead="10000"
    reportStatistics="true"
    supplementalRoles="user";

    org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
    debug="true"
    file="E:/rundeck/server/config/realm.properties";
};

when I restart rundeck service the AD users are not recognized and no error at all is displayed in the log. I can however login with the admin account. So to troubleshoot this I added:

java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d  >> %CURDIR%\var\logs\service.log  2>&1

to the start-rundeck.bat file and in fact when I launch it I see an error which is quite weird:

[2022-12-22T18:58:09,409] ERROR config.GrailsApplicationPostProcessor - Error loading spring/resources.groovy file: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)
java.lang.SecurityException: java.io.IOException: E:\rundeck\server\config\jaas-multiauth.conf (No such file or directory)

the file is there, path is correct and permission is set as on any other file in same directory. I deleted the file and created it again, but same error.

Also, I have a question: I understand that I should not edit the profile file. Hence, when the problem above is fixed, considering that the rundeck service is Windows integrated, where shall I put the line:

java %RDECK_CLI_OPTS% %RDECK_SSL_OPTS% -Drundeck.jaaslogin=true -Dloginmodule.conf.name=jaas-multiauth.conf -Djava.security.auth.login.config=E:\rundeck\server\config\jaas-multiauth.conf -Dloginmodule.name=multiauth -jar rundeck.war --skipinstall -d  >> %CURDIR%\var\logs\service.log  2>&1

to refer the jass-multiauth.conf file?

CodePudding user response:

Your multiauth config file is saved as jass-multiauth.conf but the launcher script is looking for jaas-multiauth.conf (jass =! jaas). That is the reason of "No such file or directory" error. Rename the file as jaas-multiauth.conf and relaunch the Rundeck service.

  • Related