0

  • I am using sonarqube 8.9.7 version.

  • I am trying to do authentication using LDAP. we have 2 groups in LDAP one group is admin and another one is normal user.

    sonar.security.realm = LDAP

    sonar.authenticator.downcase=true

    ldap.url=ldap://<IP address>

    ldap.bindDn=CN=BInd username ,CN=Users,DC=company name,DC=in

    ldap.bindPassword = BindPassword

    ldap.authentication=simple

above one is for bind this is working fine.

ldap.user.baseDn=cn=Users,dc=CompanyName,dc=in

ldap.user.request=(&(objectClass=user)(sAMAccountName={login})(|(memberOf=cn=Sonarusers,cn=Users,dc=companyName,dc=in)(memberOf=cn=SonarAdmin,cn=Users,dc=companyName,dc=in)))

ldap.user.realNameAttribute=cn

ldap.user.emailAttribute=mail

User access is also working fine giving access only to those groups.

ldap.group.baseDn=CN=Users,DC=companyName,DC=in

ldap.group.request=(&(objectClass=posixGroup)(member={uid}))

ldap.group.idAttribute=sAMAccountName

This is group access

for this I am not able to configure things.

I have 2 groups in LDAP sonarUsers and sonarAdmin and created same group in Sonarqube and give permission for sonarAdmin.

please help me to sync the groups.

Thanks in Advance

Anil Kumar
  • 1
  • 1
  • One tricky thing that is not clearly documented is that group matching is case-sensitive, so your group in SonarQube must exactly match the casing that is returned from LDAP query to match. – raspy Apr 05 '22 at 11:25
  • Try to `ldapsearch` one group of users and check the objectClass and member attributes, then ensure the `ldap.group.request` filter matches them. The default filter for AD is `(&(objectClass=group)(member={dn}))`, did you try it ? Also, if the rdn of these groups is `cn` it could be that `ldap.group.idAttribute` requires to be set accordingly. – EricLavault Apr 05 '22 at 18:02

1 Answers1

0

I found the solution. the mistake was from filter i was using wrong object class

Anil Kumar
  • 1
  • 1
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Apr 07 '22 at 07:38