About Simple Ldap Connection in Sonarqube

Hello World !

I opened a different topic that I followed earlier and didn’t get a response from. I asked for support there that I could not provide an ssl connection over ldaps.

Now I’m trying to do my first tests by connecting with simple method without ssl.

The Ldap connection is successful, but when the user sends a login request, it gives the error code “LDAP: error code 1 - 000004DC: LdapErr: dsid-0C090A4C”. In many places, the user has written that there is a password error, but I can get a response when manually check it with the ldapsearch command.

I also have different ldap applications that use my active directory environment and they work well. (eg jira, jenkins etc …)

When I investigated this problem, I found that many users can connect with similar configurations. When I check attribute and other definitions with the Ldap Admin tool, the parameter that requires a different setting does not appear. But I can’t connect. I got a successful result on the test I did manually, and I know that I actually need to be able to connect. But it looks like a bug on the basis of this app.

I am sharing my information below, can you help me? (I really need it, I’m going crazy.)

Ldap User: test.user
Server Os: CentOS Linux release 7.9.2009 (Core)
Sonarqube Version: sonarqube-enterprise-8.6.0.39681 (onpremise)

[root@sonarqubeserver]# cat sonar.properties


sonar.security.realm=LDAP
ldap.url=ldap://192.168.1.2:3268

ldap.realm=mydomain.net
ldap.authentication=simple
sonar.authenticator.downcase=true

ldap.bindDN=CN=adsvcuser,OU=ServiceAccounts,DC=mydomain,DC=net
ldap.bindPassword=PasswordTest123!Testtt

ldap.user.baseDn=OU=TR,OU=User Accounts,DC=mydomain,DC=net
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail

ldap Group

ldap.group.baseDn=OU=Groups,DC=mydomain,DC=net
ldap.group.request=(&(objectClass=group)(member={dn}))
ldap.group.idAttribute=sAMAccountName

[root@sonarqubeserver]# ldapsearch -x -b "OU=TR,OU=User Accounts,DC=mydomain,DC=net" -D "CN=adsvcuser,OU=ServiceAccounts,DC=mydomain,DC=net" -H ldap://192.168.1.2:3268 -w 'PasswordTest123!Testtt' "(&(objectClass=user)(sAMAccountName=test.user))"
# extended LDIF
#
# LDAPv3
# base <OU=TR,OU=User Accounts,DC=mydomain,DC=net> with scope subtree
# filter: (&(objectClass=user)(sAMAccountName=test.user))
# requesting: ALL
#

# test.user, TR, User Accounts, mydomain.net
dn: CN=test.user,OU=TR,OU=User Accounts,DC=mydomain,DC=net
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
cn: test.user
sn: user
c: TR
l: Istanbul
telephoneNumber: 12312412312412
givenName: test
distinguishedName: CN=test.user,OU=TR,OU=User Accounts,DC=mydomain,DC=net
instanceType: 4
whenCreated: 12312412341232.0Z
whenChanged: 41231231241231.0Z
displayName: test.user | MyDomain
uSNCreated: 35664044
memberOf: xxx
...
uSNChanged: 174906273
name: test.user
objectGUID:: fklasjdkalsjdklafjakls==
userAccountControl: 512
primaryGroupID: 513
objectSid:: asajknfajsnqwe1samndnomnfndsmadn==
sAMAccountName: test.user
sAMAccountType: 214123342
userPrincipalName: test.user@mydomain.net
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=mydomain,DC=net
dSCorePropagationData: 12312412312563.0Z
dSCorePropagationData: 56890458497343.0Z
lastLogonTimestamp: 132540485078534934
mail: test.user@mydomain.net
manager: CN=Mrs X,OU=TR,OU=User Accounts,DC=mydomain,DC=net

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1```


[root@sonarqubeserver]# tail -f /var/log/sonarqube/web.log
```2021.01.03 15:15:32 INFO  web[][o.s.s.s.LogServerId] Server ID: 009D8FBF-AXaV6VA34sr7wSvC2UBW
2021.01.03 15:15:32 INFO  web[][org.sonar.INFO] Security realm: LDAP
2021.01.03 15:15:32 INFO  web[][o.s.a.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=OU=TR,OU=User Accounts,DC=mydomain,DC=net, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2021.01.03 15:15:32 INFO  web[][o.s.a.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=OU=Groups,DC=mydomain,DC=net, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=group)(member={0}))}
2021.01.03 15:15:32 DEBUG web[][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.sasl.realm=mydomain.net, java.naming.provider.url=ldap://192.168.1.2:3268, java.naming.security.authentication=simple}
2021.01.03 15:15:32 INFO  web[][o.s.a.l.LdapContextFactory] Test LDAP connection on ldap://192.168.1.2:3268: OK
2021.01.03 15:15:32 INFO  web[][org.sonar.INFO] Security realm started
2021.01.03 15:15:32 WARN  web[][o.s.a.s.w.WebService$Action] The response example is not set on action api/plugins/download
...
...
...
2021.01.03 15:15:44 DEBUG web[][o.s.s.p.ServerLifecycleNotifier] Notify ServerStopHandler handlers...
2021.01.03 15:15:44 INFO  web[][o.s.s.p.Platform] WebServer is operational
2021.01.03 15:15:44 DEBUG web[][o.s.s.p.Platform] Background initialization of SonarQube done
2021.01.03 15:16:11 DEBUG web[AXbILSguJzbHg1R2AAAB][auth.event] login failure [cause|User must be authenticated][method|BASIC][provider|LOCAL|local][IP|127.0.0.1|82.24.129.13][login|]
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][o.s.a.l.LdapUsersProvider] Requesting details for user test.user
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][o.s.a.l.LdapSearch] Search: LdapSearch{baseDn=OU=TR,OU=User Accounts,DC=mydomain,DC=net, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[test.user], attributes=[mail, cn]}
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.sasl.realm=mydomain.net, java.naming.provider.url=ldap://192.168.1.2:3268, java.naming.security.authentication=simple}
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][o.s.a.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]
	at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
	at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
	at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
	at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1875)
	at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1798)
	at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1815)
	at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
	at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
	at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
	at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
	at org.sonar.auth.ldap.LdapSearch.find(LdapSearch.java:130)
	at org.sonar.auth.ldap.LdapSearch.findUnique(LdapSearch.java:143)
	at org.sonar.auth.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:80)
	at org.sonar.auth.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:58)
	at org.sonar.server.authentication.CredentialsExternalAuthentication.doAuthenticate(CredentialsExternalAuthentication.java:96)
	at org.sonar.server.authentication.CredentialsExternalAuthentication.authenticate(CredentialsExternalAuthentication.java:90)
	at org.sonar.server.authentication.CredentialsAuthentication.authenticate(CredentialsAuthentication.java:66)
	at org.sonar.server.authentication.CredentialsAuthentication.authenticate(CredentialsAuthentication.java:54)
	at org.sonar.server.authentication.ws.LoginAction.authenticate(LoginAction.java:121)
	at org.sonar.server.authentication.ws.LoginAction.doFilter(LoginAction.java:100)
	at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:139)
	at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:108)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:81)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
	at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
	at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1634)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][o.s.a.l.LdapUsersProvider] User test.user not found in <default>
2021.01.03 15:16:23 ERROR web[AXbILSguJzbHg1R2AAAE][o.s.s.a.CredentialsExternalAuthentication] Error during authentication
org.sonar.auth.ldap.LdapException: Unable to retrieve details for user test.user in <default>
	at org.sonar.auth.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:84)
	at org.sonar.auth.ldap.LdapUsersProvider.doGetUserDetails(LdapUsersProvider.java:58)
	at org.sonar.server.authentication.CredentialsExternalAuthentication.doAuthenticate(CredentialsExternalAuthentication.java:96)
	at org.sonar.server.authentication.CredentialsExternalAuthentication.authenticate(CredentialsExternalAuthentication.java:90)
	at org.sonar.server.authentication.CredentialsAuthentication.authenticate(CredentialsAuthentication.java:66)
	at org.sonar.server.authentication.CredentialsAuthentication.authenticate(CredentialsAuthentication.java:54)
	at org.sonar.server.authentication.ws.LoginAction.authenticate(LoginAction.java:121)
	at org.sonar.server.authentication.ws.LoginAction.doFilter(LoginAction.java:100)
	at org.sonar.server.platform.web.MasterServletFilter$GodFilterChain.doFilter(MasterServletFilter.java:139)
	at org.sonar.server.platform.web.MasterServletFilter.doFilter(MasterServletFilter.java:108)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:81)
	at org.sonar.server.platform.web.UserSessionFilter.doFilter(UserSessionFilter.java:68)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.CacheControlFilter.doFilter(CacheControlFilter.java:76)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.SecurityServletFilter.doHttpFilter(SecurityServletFilter.java:76)
	at org.sonar.server.platform.web.SecurityServletFilter.doFilter(SecurityServletFilter.java:48)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RedirectFilter.doFilter(RedirectFilter.java:58)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RequestIdFilter.doFilter(RequestIdFilter.java:66)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.sonar.server.platform.web.RootFilter.doFilter(RootFilter.java:62)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.filters.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:109)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:143)
	at ch.qos.logback.access.tomcat.LogbackValve.invoke(LogbackValve.java:256)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:616)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:831)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1634)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.base/java.lang.Thread.run(Thread.java:834)
Caused by: javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]
	at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
	at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3205)
	at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2996)
	at java.naming/com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1875)
	at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1798)
	at java.naming/com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1815)
	at java.naming/com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:418)
	at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:396)
	at java.naming/com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:378)
	at java.naming/javax.naming.directory.InitialDirContext.search(InitialDirContext.java:286)
	at org.sonar.auth.ldap.LdapSearch.find(LdapSearch.java:130)
	at org.sonar.auth.ldap.LdapSearch.findUnique(LdapSearch.java:143)
	at org.sonar.auth.ldap.LdapUsersProvider.getUserDetails(LdapUsersProvider.java:80)
	... 51 common frames omitted
2021.01.03 15:16:23 DEBUG web[AXbILSguJzbHg1R2AAAE][auth.event] login failure [cause|Unable to retrieve details for user test.user in <default>][method|FORM][provider|REALM|LDAP][IP|127.0.0.1|82.24.129.13][login|test.user]```

Is there anyone who can help? I would be very happy if someone could support me.

I can get user information when I query with the" ldapsearch " command. But when I do this in the config file, the service user cannot be a login.

I also opened the web trace log and found something interesting.
When I try to login with my Ldap user, it sends sql query on the backend. It is looking for the user on the sql database.

As if it can’t log in because it can’t find the user on the sql database, not ldap. Also, I cannot connect with ldap, but I can connect with the local admin user.

2021.01.05 12:20:19 TRACE web[AXbR2LBRBZUJ5aqIAAAF][o.s.s.p.w.UserSessionFilter] Thread[http-nio-0.0.0.0-9000-exec-1,5,main] serves /api/authentication/login

2021.01.05 12:20:19 TRACE web[AXbR2LBRBZUJ5aqIAAAF][sql] time=1ms | sql=SELECT u.uuid as uuid, u.login as login, u.name as name, u.email as email, u.active as "active", u.scm_accounts as "scmAccounts", u.salt as "salt", u.crypted_password as "cryptedPassword", u.hash_method as "hashMethod", u.external_id as "externalId", u.external_login as "externalLogin", u.external_identity_provider as "externalIdentityProvider", u.user_local as "local", u.is_root as "root", u.onboarded as "onboarded", u.reset_password as "resetPassword", u.homepage_type as "homepageType", u.homepage_parameter as "homepageParameter", u.last_connection_date as "lastConnectionDate", u.created_at as "createdAt", u.updated_at as "updatedAt" FROM users u WHERE u.login=? AND u.active=true | params=test.user

2021.01.05 12:20:19 DEBUG web[AXbR2LBRBZUJ5aqIAAAF][o.s.a.l.LdapUsersProvider] Requesting details for user test.user

2021.01.05 12:20:19 DEBUG web[AXbR2LBRBZUJ5aqIAAAF][o.s.a.l.LdapSearch] Search: LdapSearch{baseDn="DC=mydomain,DC=net", scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[test.user], attributes=[mail, cn]}

2021.01.05 12:20:19 DEBUG web[AXbR2LBRBZUJ5aqIAAAF][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.sasl.realm=DC=mydomain,DC=net, java.naming.provider.url=ldap://192.168.1.2:3268, java.naming.security.authentication=simple}

2021.01.05 12:20:20 DEBUG web[AXbR2LBRBZUJ5aqIAAAF][o.s.a.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]

javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090A4C, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]
	at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3299)
...

it seems that my active directory service user (adsvcuser) cannot connect in any way. The service user cannot connect, so the request is made "test.user " cannot find the user. When I watch over active directory, there is no request.

I can get a response using similar methods with the ldapsearch command. But I can’t get it with SonarQube ldap settings. This looks like a bug. Guys, is there anyone who can look at bug issues ?

I’ve tried it separately in the following ways. I also tried adding quotation marks to each one
my domain service user: adsvcuser

ldap.bindDN=mydomain\adsvcuser
or
ldap.bindDN=mydomain\adsvcuser
or
ldap.bindDN=mydomain.net\adsvcuser
or
ldap.bindDN=adsvcuser@mydomain
or
ldap.bindDN=adsvcuser@mydomain.net
or
ldap.bindDN=adsvcuser

Hello @espala,

The original error logged gives a hint:

...In order to perform this operation a successful bind must be completed on the connection., data 0, v3839]

looking at your sonar.properties configuration it seems there’s a (case) typo on the property used to define the bindDn settings. It should be ldap.bindDn not ldap.bindDN

Be careful that all settings are case sensitive :slight_smile:

That may be the simple solution. Let me know.

Olivier

2 Likes

you’re amazing ! I just checked, and you’re right. I missed such a simple mistake. I’ve been trying for days, and I’m so sorry.

Thank you very much for your support.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.