Jenkins and LDAPS connectivity issue

Hi
We have multiple jenkins servers hosted on AWS ECS through docker image 2.387.3.
we use LDAPs for authentication but we started to see the problem with the login. we are only able to login only after multiple retry.
I tested the connection to LDAP server from one of the ec2 where jenkins is hosted by using the ldapsearch command and i get a response as expected. I don’t see the issue with the ldap server.
I see the following in the logs
1. WARNING h.security.LDAPSecurityRealm#throwUnlessConfigIsIgnorable: Failed communication with ldap server (ldaps://host:port), will not try the next configuration java.net.SocketTimeoutException: connect timed out
2. Caused: org.springframework.security.authentication.AuthenticationServiceException: Failed to search LDAP for user
3.Caused: org.springframework.ldap.CommunicationException: sldaps://host:port; nested exception is javax.naming.CommunicationException: ldaps://host:port [Root exception is java.net.SocketTimeoutException: connect timed out]
I does not look to be the network or ldap not being stable but looks like a jenkins internal issue. Any advise on how to resolve.
setup:
jenkins version: 2.387.3

Plugins:
jenkins_plugins:

  • name: ace-editor
    version: “1.1”
    description: “JavaScript GUI Lib: ACE Editor bundle plugin”
  • name: amazon-ecr
    version: “1.114.vfd22430621f5”
    description: “Amazon ECR plugin”
  • name: amazon-ecs
    version: “1.48”
    description: “Amazon Elastic Container Service (ECS) / Fargate plugin”
  • name: ansicolor
    version: “1.0.4”
    description: “AnsiColor”
  • name: antisamy-markup-formatter
    version: “162.v0e6ec0fcfcf6”
    description: “OWASP Markup Formatter Plugin”
  • name: apache-httpcomponents-client-4-api
    version: “4.5.14-208.v438351942757”
    description: “Apache HttpComponents Client 4.x API Plugin”
  • name: authentication-tokens
    version: “1.53.v1c90fd9191a_b_”
    description: “Authentication Tokens API Plugin”
  • name: aws-credentials
    version: “218.v1b_e9466ec5da_”
    description: “AWS Credentials Plugin”
  • name: aws-java-sdk
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: All”
  • name: aws-java-sdk-cloudformation
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: CloudFormation”
  • name: aws-java-sdk-codebuild
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: CodeBuild”
  • name: aws-java-sdk-ec2
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: EC2”
  • name: aws-java-sdk-ecr
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: ECR”
  • name: aws-java-sdk-ecs
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: ECS”
  • name: aws-java-sdk-efs
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: EFS”
  • name: aws-java-sdk-elasticbeanstalk
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: Elastic Beanstalk”
  • name: aws-java-sdk-iam
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: IAM”
  • name: aws-java-sdk-kinesis
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: kinesis”
  • name: aws-java-sdk-logs
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: Logs”
  • name: aws-java-sdk-minimal
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: Minimal”
  • name: aws-java-sdk-secretsmanager
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: Secrets Manager”
  • name: aws-java-sdk-sns
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: SNS”
  • name: aws-java-sdk-sqs
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: SQS”
  • name: aws-java-sdk-ssm
    version: “1.12.606-418.vce5b_4cd017c6”
    description: “Amazon Web Services SDK :: SSM”
  • name: aws-secrets-manager-credentials-provider
    version: “1.214.va_0a_d8268d068”
    description: “AWS Secrets Manager Credentials Provider”
  • name: badge
    version: “1.9.1”
    description: “Badge”
  • name: basic-branch-build-strategies
    version: “81.v05e333931c7d”
    description: “Basic Branch Build Strategies Plugin”
  • name: blueocean
    version: “1.27.5.1”
    description: “Blue Ocean”
  • name: blueocean-autofavorite
    version: “1.2.5”
    description: “Autofavorite for Blue Ocean”
  • name: blueocean-bitbucket-pipeline
    version: “1.27.5.1”
    description: “Bitbucket Pipeline for Blue Ocean”
  • name: blueocean-commons
    version: “1.27.5.1”
    description: “Common API for Blue Ocean”
  • name: blueocean-config
    version: “1.27.5.1”
    description: “Config API for Blue Ocean”
  • name: blueocean-core-js
    version: “1.27.5.1”
    description: “Blue Ocean Core JS”
  • name: blueocean-dashboard
    version: “1.27.5.1”
    description: “Dashboard for Blue Ocean”
  • name: blueocean-display-url
    version: “2.4.2”
    description: “Display URL for Blue Ocean”
  • name: blueocean-events
    version: “1.27.5.1”
    description: “Events API for Blue Ocean”
  • name: blueocean-executor-info
    version: “1.27.5.1”
    description: “DEPRECATED Blue Ocean Executor Info”
  • name: blueocean-git-pipeline
    version: “1.27.5.1”
    description: “Git Pipeline for Blue Ocean”
  • name: blueocean-github-pipeline
    version: “1.27.5.1”
    description: “GitHub Pipeline for Blue Ocean”
  • name: blueocean-i18n
    version: “1.27.5.1”
    description: “i18n for Blue Ocean”
  • name: blueocean-jira
    version: “1.27.5.1”
    description: “JIRA Integration for Blue Ocean”
  • name: blueocean-jwt
    version: “1.27.5.1”
    description: “JWT for Blue Ocean”
  • name: blueocean-personalization
    version: “1.27.5.1”
    description: “Personalization for Blue Ocean”
  • name: blueocean-pipeline-api-impl
    version: “1.27.5.1”
    description: “Pipeline implementation for Blue Ocean”
  • name: blueocean-pipeline-editor
    version: “1.27.5.1”
    description: “Blue Ocean Pipeline Editor”
  • name: blueocean-pipeline-scm-api
    version: “1.27.5.1”
    description: “Pipeline SCM API for Blue Ocean”
  • name: blueocean-rest
    version: “1.27.5.1”
    description: “REST API for Blue Ocean”
  • name: blueocean-rest-impl
    version: “1.27.5.1”
    description: “REST Implementation for Blue Ocean”
  • name: blueocean-web
    version: “1.27.5.1”
    description: “Web for Blue Ocean”
  • name: bootstrap4-api
    version: “4.6.0-6”
    description: “Bootstrap 4 API Plugin”
  • name: bootstrap5-api
    version: “5.3.2-3”
    description: “Bootstrap 5 API Plugin”
  • name: bouncycastle-api
    version: “2.30.1.77-225.v26ea_c9455fd9”
    description: “bouncycastle API Plugin”
  • name: branch-api
    version: “2.1128.v717130d4f816”
    description: “Branch API Plugin”
  • name: build-blocker-plugin
    version: “1.7.9”
    description: “Build Blocker Plugin”
  • name: build-discarder
    version: “139.v05696a_7fe240”
    description: “Build Discarder Plugin”
  • name: build-failure-analyzer
    version: “2.5.0”
    description: “Build Failure Analyzer”
  • name: build-timeout
    version: “1.31”
    description: “Build Timeout”
  • name: build-user-vars-plugin
    version: “1.9”
    description: “build user vars plugin”
  • name: caffeine-api
    version: “3.1.8-133.v17b_1ff2e0599”
    description: “Caffeine API Plugin”
  • name: checks-api
    version: “2.0.2”
    description: “Checks API plugin”
  • name: cloudbees-bitbucket-branch-source
    version: “856.v04c46c86f911”
    description: “Bitbucket Branch Source Plugin”
  • name: cloudbees-folder
    version: “6.858.v898218f3609d”
    description: “Folders Plugin”
  • name: command-launcher
    version: “107.v773860566e2e”
    description: “Command Agent Launcher Plugin”
  • name: commons-httpclient3-api
    version: “3.1-3”
    description: “Commons HttpClient 3.x API”
  • name: commons-lang3-api
    version: “3.13.0-62.v7d18e55f51e2”
    description: “commons-lang3 v3.x Jenkins API Plugin”
  • name: commons-text-api
    version: “1.11.0-94.v3e1f4a_926e49”
    description: “commons-text API Plugin”
  • name: conditional-buildstep
    version: “1.4.3”
    description: “Conditional BuildStep”
  • name: configuration-as-code
    version: “1700.v6f448841296e”
    description: “Configuration as Code Plugin”
  • name: copyartifact
    version: “722.v0662a_9b_e22a_c”
    description: “Copy Artifact Plugin”
  • name: credentials
    version: “1311.vcf0a_900b_37c2”
    description: “Credentials Plugin”
  • name: credentials-binding
    version: “642.v737c34dea_6c2”
    description: “Credentials Binding Plugin”
  • name: data-tables-api
    version: “1.13.6-5”
    description: “DataTables.net API Plugin”
  • name: display-url-api
    version: “2.200.vb_9327d658781”
    description: “Display URL API”
  • name: docker-commons
    version: “439.va_3cb_0a_6a_fb_29”
    description: “Docker Commons Plugin”
  • name: docker-workflow
    version: “572.v950f58993843”
    description: “Docker Pipeline”
  • name: durable-task
    version: “523.va_a_22cf15d5e0”
    description: “Durable Task Plugin”
  • name: ec2
    version: “1609.v53b_02a_b_9e52d”
    description: “Amazon EC2 plugin”
  • name: echarts-api
    version: “5.4.0-7”
    description: “ECharts API Plugin”
  • name: email-ext
    version: “2.103”
    description: “Email Extension Plugin”
  • name: envinject
    version: “2.908.v66a_774b_31d93”
    description: “Environment Injector Plugin”
  • name: envinject-api
    version: “1.199.v3ce31253ed13”
    description: “EnvInject API Plugin”
  • name: extended-choice-parameter
    version: “376.v2e02857547b_a_”
    description: “Extended Choice Parameter Plugin”
  • name: external-monitor-job
    version: “215.v2e88e894db_f8”
    description: “External Monitor Job Type Plugin”
  • name: favorite
    version: “2.4.3”
    description: “Favorite”
  • name: font-awesome-api
    version: “6.5.1-1”
    description: “Font Awesome API Plugin”
  • name: generic-webhook-trigger
    version: “1.88.2”
    description: “Generic Webhook Trigger Plugin”
  • name: git
    version: “5.2.1”
    description: “Git plugin”
  • name: git-client
    version: “4.6.0”
    description: “Git client plugin”
  • name: git-server
    version: “99.va_0826a_b_cdfa_d”
    description: “Git server Plugin”
  • name: github
    version: “1.37.3.1”
    description: “GitHub plugin”
  • name: github-api
    version: “1.318-461.v7a_c09c9fa_d63”
    description: “GitHub API Plugin”
  • name: github-branch-source
    version: “1767.va_7d01ea_c7256”
    description: “GitHub Branch Source Plugin”
  • name: greenballs
    version: “1.15.1”
    description: “Green Balls”
  • name: groovy-postbuild
    version: “228.vcdb_cf7265066”
    description: “Groovy Postbuild”
  • name: handlebars
    version: “3.0.8”
    description: “JavaScript GUI Lib: Handlebars bundle plugin”
  • name: handy-uri-templates-2-api
    version: “2.1.8-22.v77d5b_75e6953”
    description: “Handy Uri Templates 2.x API Plugin”
  • name: htmlpublisher
    version: “1.32”
    description: “HTML Publisher plugin”
  • name: http_request
    version: “1.18”
    description: “HTTP Request Plugin”
  • name: influxdb
    version: “3.6”
    description: “InfluxDB Plugin”
  • name: instance-identity
    version: “185.v303dc7c645f9”
    description: “Instance Identity”
  • name: ionicons-api
    version: “56.v1b_1c8c49374e”
    description: “Ionicons API”
  • name: jackson2-api
    version: “2.15.3-363.v82c51b_de9f60”
    description: “Jackson 2 API Plugin”
  • name: jakarta-activation-api
    version: “2.0.1-3”
    description: “Jakarta Activation API”
  • name: jakarta-mail-api
    version: “2.0.1-3”
    description: “Jakarta Mail API”
  • name: javadoc
    version: “243.vb_b_503b_b_45537”
    description: “Javadoc Plugin”
  • name: javax-activation-api
    version: “1.2.0-6”
    description: “JavaBeans Activation Framework (JAF) API”
  • name: javax-mail-api
    version: “1.6.2-9”
    description: “JavaMail API”
  • name: jaxb
    version: “2.3.9-1”
    description: “JAXB plugin”
  • name: jdk-tool
    version: “73.vddf737284550”
    description: “Oracle Java SE Development Kit Installer Plugin”
  • name: jenkins-design-language
    version: “1.27.5.1”
    description: “Design Language”
  • name: jersey2-api
    version: “2.40-1”
    description: “Jersey 2 API”
  • name: jira
    version: “3.12”
    description: “Jira plugin”
  • name: jjwt-api
    version: “0.11.5-77.v646c772fddb_0”
    description: “Java JSON Web Token (JJWT) Plugin”
  • name: job-dsl
    version: “1.87”
    description: “Job DSL”
  • name: job-restrictions
    version: “0.8”
    description: “Job Restrictions Plugin”
  • name: jobConfigHistory
    version: “1229.v3039470161a_d”
    description: “Job Configuration History Plugin”
  • name: jquery
    version: “1.12.4-1”
    description: “jQuery plugin”
  • name: jquery-detached
    version: “1.2.1”
    description: “JavaScript GUI Lib: jQuery bundles (jQuery and jQuery UI) plugin”
  • name: jquery3-api
    version: “3.7.1-1”
    description: “JQuery3 API Plugin”
  • name: jsch
    version: “0.2.16-86.v42e010d9484b_”
    description: “JSch dependency plugin”
  • name: junit
    version: “1252.vfc2e5efa_294f”
    description: “JUnit Plugin”
  • name: ldap
    version: “711.vb_d1a_491714dc”
    description: “LDAP Plugin”
  • name: lockable-resources
    version: “1222.v3d55a_36d63e4”
    description: “Lockable Resources plugin”
  • name: mailer
    version: “463.vedf8358e006b_”
    description: “Mailer Plugin”
  • name: matrix-auth
    version: “3.2.1”
    description: “Matrix Authorization Strategy Plugin”
  • name: matrix-project
    version: “818.v7eb_e657db_924”
    description: “Matrix Project Plugin”
  • name: maven-plugin
    version: “3.23”
    description: “Maven Integration plugin”
  • name: mercurial
    version: “1260.vdfb_723cdcc81”
    description: “Mercurial plugin”
  • name: metrics
    version: “4.2.18-442.v02e107157925”
    description: “Metrics Plugin”
  • name: mina-sshd-api-common
    version: “2.11.0-86.v836f585d47fa_”
    description: “Mina SSHD API :: Common”
  • name: mina-sshd-api-core
    version: “2.11.0-86.v836f585d47fa_”
    description: “Mina SSHD API :: Core”
  • name: momentjs
    version: “1.1.1”
    description: “JavaScript GUI Lib: Moment.js bundle plugin”
  • name: monitoring
    version: “1.95.0”
    description: “Monitoring”
  • name: nexus-artifact-uploader
    version: “2.14”
    description: “Nexus Artifact Uploader”
  • name: node-iterator-api
    version: “55.v3b_77d4032326”
    description: “Node Iterator API Plugin”
  • name: okhttp-api
    version: “4.11.0-157.v6852a_a_fa_ec11”
    description: “OkHttp Plugin”
  • name: pam-auth
    version: “1.10”
    description: “PAM Authentication plugin”
  • name: Parameterized-Remote-Trigger
    version: “3.2.0”
    description: “Parameterized Remote Trigger Plugin”
  • name: parameterized-scheduler
    version: “255.v73827fcdf618”
    description: “Parameterized Scheduler”
  • name: parameterized-trigger
    version: “787.v665fcf2a_830b_”
    description: “Parameterized Trigger plugin”
  • name: pipeline-aws
    version: “1.43”
    description: “Pipeline: AWS Steps”
  • name: pipeline-build-step
    version: “540.vb_e8849e1a_b_d8”
    description: “Pipeline: Build Step”
  • name: pipeline-github-lib
    version: “42.v0739460cda_c4”
    description: “Pipeline: GitHub Groovy Libraries”
  • name: pipeline-graph-analysis
    version: “202.va_d268e64deb_3”
    description: “Pipeline Graph Analysis Plugin”
  • name: pipeline-groovy-lib
    version: “689.veec561a_dee13”
    description: “Pipeline: Groovy Libraries”
  • name: pipeline-input-step
    version: “477.v339683a_8d55e”
    description: “Pipeline: Input Step”
  • name: pipeline-milestone-step
    version: “111.v449306f708b_7”
    description: “Pipeline: Milestone Step”
  • name: pipeline-model-api
    version: “2.2150.v4cfd8916915c”
    description: “Pipeline: Model API”
  • name: pipeline-model-declarative-agent
    version: “1.1.1”
    description: “Pipeline: Declarative Agent API”
  • name: pipeline-model-definition
    version: “2.2150.v4cfd8916915c”
    description: “Pipeline: Declarative”
  • name: pipeline-model-extensions
    version: “2.2150.v4cfd8916915c”
    description: “Pipeline: Declarative Extension Points API”
  • name: pipeline-rest-api
    version: “2.34”
    description: “Pipeline: REST API Plugin”
  • name: pipeline-stage-step
    version: “305.ve96d0205c1c6”
    description: “Pipeline: Stage Step”
  • name: pipeline-stage-tags-metadata
    version: “2.2150.v4cfd8916915c”
    description: “Pipeline: Stage Tags Metadata”
  • name: pipeline-stage-view
    version: “2.34”
    description: “Pipeline: Stage View Plugin”
  • name: pipeline-utility-steps
    version: “2.16.0”
    description: “Pipeline Utility Steps”
  • name: plain-credentials
    version: “143.v1b_df8b_d3b_e48”
    description: “Plain Credentials Plugin”
  • name: plugin-util-api
    version: “3.8.0”
    description: “Plugin Utilities API Plugin”
  • name: popper-api
    version: “1.16.1-3”
    description: “Popper.js API Plugin”
  • name: popper2-api
    version: “2.11.6-4”
    description: “Popper.js 2 API Plugin”
  • name: pubsub-light
    version: “1.18”
    description: “Pub-Sub "light" Bus”
  • name: rebuild
    version: “330.v645b_7df10e2a_”
    description: “Rebuilder”
  • name: resource-disposer
    version: “0.23”
    description: “Resource Disposer Plugin”
  • name: rich-text-publisher-plugin
    version: “1.5”
    description: “Rich Text Publisher Plugin”
  • name: run-condition
    version: “1.7”
    description: “Run Condition Plugin”
  • name: s3
    version: “466.vf5b_3db_8e3eb_2”
    description: “S3 publisher plugin”
  • name: saferestart
    version: “0.7”
    description: “Safe Restart Plugin”
  • name: scm-api
    version: “676.v886669a_199a_a_”
    description: “SCM API Plugin”
  • name: script-security
    version: “1310.vf24a_dfce068b_”
    description: “Script Security Plugin”
  • name: slack
    version: “684.v833089650554”
    description: “Slack Notification Plugin”
  • name: snakeyaml-api
    version: “2.2-111.vc6598e30cc65”
    description: “SnakeYAML API Plugin”
  • name: splunk-devops
    version: “1.10.1”
    description: “Splunk Plugin”
  • name: sse-gateway
    version: “1.26”
    description: “Server Sent Events (SSE) Gateway Plugin”
  • name: ssh-agent
    version: “346.vda_a_c4f2c8e50”
    description: “SSH Agent Plugin”
  • name: ssh-credentials
    version: “308.ve4497b_ccd8f4”
    description: “SSH Credentials Plugin”
  • name: ssh-slaves
    version: “2.947.v64ee6b_f87b_c1”
    description: “SSH Build Agents plugin”
  • name: sshd
    version: “3.312.v1c601b_c83b_0e”
    description: “SSH server”
  • name: structs
    version: “325.vcb_307d2a_2782”
    description: “Structs Plugin”
  • name: testng-plugin
    version: “835.v51ed3da_fcc35”
    description: “TestNG Results Plugin”
  • name: timestamper
    version: “1.26”
    description: “Timestamper”
  • name: token-macro
    version: “384.vf35b_f26814ec”
    description: “Token Macro Plugin”
  • name: trilead-api
    version: “2.84.v72119de229b_7”
    description: “Trilead API Plugin”
  • name: uno-choice
    version: “2.8.1”
    description: “Active Choices Plug-in”
  • name: variant
    version: “60.v7290fc0eb_b_cd”
    description: “Variant Plugin”
  • name: windows-slaves
    version: “1.8.1”
    description: “WMI Windows Agents Plugin”
  • name: workflow-aggregator
    version: “596.v8c21c963d92d”
    description: “Pipeline”
  • name: workflow-api
    version: “1283.v99c10937efcb_”
    description: “Pipeline: API”
  • name: workflow-basic-steps
    version: “1042.ve7b_140c4a_e0c”
    description: “Pipeline: Basic Steps”
  • name: workflow-cps
    version: “3832.vc43e04d6d68c”
    description: “Pipeline: Groovy”
  • name: workflow-cps-global-lib
    version: “609.vd95673f149b_b”
    description: “Pipeline: Deprecated Groovy Libraries”
  • name: workflow-durable-task-step
    version: “1313.vcb_970b_d2a_fb_3”
    description: “Pipeline: Nodes and Processes”
  • name: workflow-job
    version: “1326.ve643e00e9220”
    description: “Pipeline: Job”
  • name: workflow-multibranch
    version: “756.v891d88f2cd46”
    description: “Pipeline: Multibranch”
  • name: workflow-scm-step
    version: “415.v434365564324”
    description: “Pipeline: SCM Step”
  • name: workflow-step-api
    version: “639.v6eca_cd8c04a_a_”
    description: “Pipeline: Step API”
  • name: workflow-support
    version: “865.v43e78cc44e0d”
    description: “Pipeline: Supporting APIs”
  • name: ws-cleanup
    version: “0.45”
    description: “Workspace Cleanup Plugin”