如何在 Jenkins 作业执行中包含域用户
How to include domain user in Jenkins Job execution
我正在自动化构建过程。该过程需要将应用程序部署到服务器,部署后必须执行一些脚本以在服务器上共享和提供权限。当我通过 powershell.I 通过域用户登录时,脚本 运行 正在使用 Jenkins 进行 CI/CD 进程。我想将我的域凭据包含到 运行 服务器上的脚本中。我也使用了活动目录插件,并且可以使用我的域凭据登录,但我仍然无法与服务器建立远程连接。
我的脚本是
Enter-PSSession -ComputerName ATKT-WS-20
Invoke-Expression -Command .\FolderSharingScript.ps1
Enter-PSSession : Connecting to remote server ATKT-WS-20 failed with the following error message : WinRM cannot
process the request. The following error with errorcode 0x8009030e occurred while using Kerberos authentication: A
specified logon session does not exist. It may already have been terminated.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or
use HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.<
我还在trustedhosts中添加了机器名。如何在 Jenkins 作业中包含域凭据?
解决方案根本不使用 PowerShell 的远程处理,而是 依赖 Jenkins 中内置的远程处理:
将远程计算机作为 Jenkins 代理连接到 Jenkins 服务器,运行将代理可执行文件作为所需的域用户。
在 Jenkins 服务器上,使用标签表达式确保您的作业在远程计算机上配置为 运行。
假设安装了 PowerShell 插件,然后您可以将 PowerShell 代码 as-is 发送到远程计算机 - 不需要 PowerShell 会话、凭据...
我正在自动化构建过程。该过程需要将应用程序部署到服务器,部署后必须执行一些脚本以在服务器上共享和提供权限。当我通过 powershell.I 通过域用户登录时,脚本 运行 正在使用 Jenkins 进行 CI/CD 进程。我想将我的域凭据包含到 运行 服务器上的脚本中。我也使用了活动目录插件,并且可以使用我的域凭据登录,但我仍然无法与服务器建立远程连接。
我的脚本是
Enter-PSSession -ComputerName ATKT-WS-20
Invoke-Expression -Command .\FolderSharingScript.ps1
Enter-PSSession : Connecting to remote server ATKT-WS-20 failed with the following error message : WinRM cannot process the request. The following error with errorcode 0x8009030e occurred while using Kerberos authentication: A specified logon session does not exist. It may already have been terminated.
Possible causes are: -The user name or password specified are invalid. -Kerberos is used when no authentication method and no user name are specified. -Kerberos accepts domain user names, but not local user names. -The Service Principal Name (SPN) for the remote computer name and port does not exist. -The client and remote computers are in different domains and there is no trust between the two domains. After checking for the above issues, try the following: -Check the Event Viewer for events related to authentication. -Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or use HTTPS transport. Note that computers in the TrustedHosts list might not be authenticated.<
我还在trustedhosts中添加了机器名。如何在 Jenkins 作业中包含域凭据?
解决方案根本不使用 PowerShell 的远程处理,而是 依赖 Jenkins 中内置的远程处理:
将远程计算机作为 Jenkins 代理连接到 Jenkins 服务器,运行将代理可执行文件作为所需的域用户。
在 Jenkins 服务器上,使用标签表达式确保您的作业在远程计算机上配置为 运行。
假设安装了 PowerShell 插件,然后您可以将 PowerShell 代码 as-is 发送到远程计算机 - 不需要 PowerShell 会话、凭据...