How to reset Jenkins security

If you forget your admin password or have lost admin privileges for any reason, please follow the steps below to reset your Jenkins security.

  1. Short form: disable security from Jenkins configuration file (only if you can access it), restart Jenkins in all-access admin mode, make the desired changes, and restore security. Read on for the details (these are specific for The Construct instance, but you can figure out the equivalent for any Jenkins instance).

  2. Find the file webpage_ws/jenkins/config.xml in the IDE and open it up. It’s something like:

<?xml version='1.1' encoding='UTF-8'?> 
<hudson> 
<disabledAdministrativeMonitors> 
<string>jenkins.monitor.JavaVersionRecommendationAdminMonitor</string> 
<string>jenkins.diagnostics.ControllerExecutorsNoAgents</string> 
<string>jenkins.diagnostics.RootUrlNotSetMonitor</string> 
<string>hudson.diagnosis.ReverseProxySetupMonitor</string> </disabledAdministrativeMonitors> 
<version>2.303.1</version> <numExecutors>2</numExecutors> <mode>NORMAL</mode> 
<useSecurity>true</useSecurity> ....
  1. Change <useSecurity>true</useSecurity> to <useSecurity>false</useSecurity> and save the file.

  2. In the file webpage_ws/jenkins__pid__url.txt find the command to kill Jenkins. E.g. kill 4883 in the file below:

To stop Jenkins, 
run: kill 4883 
...
  1. Run the kill command.

  2. Restart Jenkins by running the bash file webpage_ws/start_jenkins.sh.

  3. When you get back to the Jenkins interface, it’s all open (Anyone can do anything). Please change the authorization back to Logged-in users can do anything. Also select “Jenkin’s own user database” under Security Realm. The click Save.