Jenkins + LDAP Plugin --- Any way to have a login backdoor?

active-directory jenkins ldap

You're right that vanilla Jenkins can't do more than one authn/authz type, which makes local accounts infeasible. In the scenario where LDAP is unavailable temporarily, what I've done in the past is shut down Jenkins, disable authn/authz via editing Jenkins' config.xml (on my Linux systems the full path is /var/lib/jenkins/config.xml), and then restart Jenkins. Specifically, you'll want to change this line:

<useSecurity>true</useSecurity>

To:

<useSecurity>false</useSecurity>

Note that this will give admin access to anonymous users, so use with caution. If you are comfortable with editing XML by hand, it's also possible to edit this file in such a way as to allow admin access via logging in with a local account.

You can also do any of this with a Groovy script if you happen to have an active session with administrative permissions.

Related

How to soft-restart Windows Server 10 Technical Preview (renamed Insider Preview)?
How to create a VHD file from a folder?
How to migrate windows users and retain passwords?
Unexpected anonymous login in Windows security logs
Double Wildcard SSL Certificates
Uchiwa throwing "Error with Sensu API Sensu"
Listening for both IPv6 and IPv4 in apache 2.2
Server System drive on a USB stick? Good? Bad?
LSI 9260-8i w/ 6 256gb SSDs - RAID 5, 6, 10, or bad idea overall?
SELinux contexts with NFS shares
Can rpcbind packagebe removed in debian wheezy, installed by default?
Drives randomly dropping from RAID array