If you choose "Let Jenkins control this Windows slave as a Windows service" for connecting to slave (see Windows Slaves Plugin), you may get an error message like this:
If so, check the following settings one after the other on Windows
Make sure that the user name you have entered is a member of the local "Administrators" group. In the default Windows installation, this group membership is required for Jenkins to remotely copy files and install a service.
If your slave is running under a domain account and you get an error code 0x800703FA, change a group policy:
Credit to Oliver Walsh (see comments below)
By default, Windows Firewall prevents the TCP connections necessary to make this mechanism work. The firewall on the slave must allow the following exceptions (see List of TCP&UDP port numbers):
The easiest way to track down firewall issues is to use tcpdump. Just run the following command on the Jenkins server, which is trying to connect to the slave:
When the Ports 139 (NetBIOS Session Service) and 445 (Windows Shares) are not available, the following error message appears:
This can occur whenever you've got a Jenkins server, and a newer version of Windows (e.g. 2008) on different network segments as a slave (has observed it on EC2). You'll get an error saying port 135 is unavailable even if you've opened it. There's a setting on the advanced tab of firewall rules, you must select "Allow Edge Traversal". NAT is not security damn it!
The Remote Communication Service "RemComSvc" must be running in order to launch commands remotely. If not started, Jenkins will try to (remotely) start this service, assuming it is well configured. If not, you may get an error like :
In some cases (especially Windows 2008 R2) this can be caused by the lack of the Visual C++ runtime libraries needed by the service. If this is the case you will see an error in the windows event log similar to:
To solve this issue install the Visual C++ 2008 x86 libraries.
The Remote Communication Service source code is part of Jenkins.
The Remote Registry service must be running in order to install the Jenkins service, but it may be stopped on your computer. This is especially true for Windows Vista, where it is disabled by default. If it is not running, you may get an error like this:
If so, start the control panel, open "Administrative Tools," then "Services." Locate the Remote Registry service on the list, and click "Start this service."
By default Windows 7 (at least) will still deny remote access to the registry, even if the Remote Registry service is started. To test this, try to connect to your slave's registry via regedit on another machine. If you get a similar error ("Access is denied"), run powershell as an administrator on the slave, and execute Enable-PSRemoting. Reboot for good measure, and try launching the slave again.
On current Windows systems, Jenkins requires access to the "WBEM Scripting Locator". The following steps allow that:
Credit to Florian Vogle on the Hudson wiki.
When you get an
"Access is denied. [0x00000005]"error, apply the following patch to the registry:
Credit to Arturas Sirvinskas (comments below)
On Windows 2008 R2 (64bits), if you see a message like this:
To resolve these issues, you may need to disable NTLMv2 authentication.
Make sure to check out logs of the starting service.
On Windows XP / 2003, if you see a message like this:
Then try upgrading .NET framework to ver 3.5SP1.
See page comments below for various tips on using Windows 64bit slave (Windows 7 or Server 2008).
Make sure java bin directory is in your system path, e.g. \Program Files (x86)\Java\jre6\bin or \Windows\SYSWOW64
WARNING: You must have the path to the JRE that is installed in \Windows\SYSWOW64. For example, when my system updated to Java7 I had to update the PATH to point at the new JRE or starting the slave just silently failed.
If this bugs you, then upvote https://issues.jenkins-ci.org/browse/JENKINS-16061 and https://issues.jenkins-ci.org/browse/JENKINS-14559
This is an attempt to describe what I had to do on a clean Windows 2008 R2 (64bit) install to get it to work:
To connect to Windows Server 2012, Change Permission for following registry key to Full Control:
If you have KB2661256 installed, you can refer to this issue https://issues.jenkins-ci.org/browse/JENKINS-15596
This section goes into the details of how the managed Windows slave launcher actually works.
This launcher uses several protocols that has been around for a quite some time.
Skip to end of metadata Go to start of metadata