Hi, I saw another thread related to this, but I’m struggling to figure this out.
We have SonarQube installed on a Windows 2016 Server, with SQL 2016 on a separate server. I have installed the plugin manually (2.2 Build 608) and verified that it shows up as “installed”, I have added the lines below to the sonar.properties file and restarted the server by going to the Web GUI > System > Restart Server. When it comes up, I check both the sonar.log and the web.log and don’t see any entries related to LDAP other than the log saying something to the effect of loading LDAP plugin. Am I doing something incorrectly? I feel like I’ve missed something as it doesn’t even seem to be recognizing anything related to my LDAP configuration.
I’ve added these lines just below the Microsoft SQLServer section.
LDAP configuration
General Configuration
sonar.security.realm=LDAP
ldap.url=ldaps://myldapserver.local:636
ldap.bindDn=CN=AD Query,CN=Managed Service Accounts,DC=my,DC=company,DC=local
ldap.bindPassword=************
Note: I did rename my original sonar.properties to sonar.properties.old, the file I am editing is named sonar.properties. I’m hoping that SonarQube isn’t trying to load sonar.properties.old somehow, but just wanted to throw this out there just in case.
Did you ever get this fixed.
I am having the same issues. LDAP 2.2 connecting to a windows 2016 Server.
I get the following in my Web logs
2018.09.27 10:55:28 INFO web[][org.sonar.INFO] Security realm: LDAP
2018.09.27 10:55:28 INFO web[][o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=Company,dc=net, request=(sAMAccountName={0}), realNameAttribute=cn, emailAttribute=mail}
2018.09.27 10:55:28 INFO web[][o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=cn=Groups,dc=Company,dc=net, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=group)(member={0}))}
2018.09.27 10:55:28 INFO web[][o.s.p.l.LdapContextFactory] Test LDAP connection on ldap://Server01.Company.net: OK
I am still able to login with my sonarQube Creds, Can’t login with AD creds and there are no new users or groups in the security section.
Sorry for the slow response, we did get this working. Here is the configuration we used, obviously, I’ve stripped out any of our proprietary information. Hopefully this will help you.
# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
#ldap.StartTLS=true
ldap.url=ldaps://yourserver.yourdomain.com:yourportnumberhere (i.e. 389 or 636)
ldap.bindDN=distinguished name of an account with rights to query Active Directory (i.e. CN=adqueryaccount,CN=OU,DC=test,DC=com
ldap.bindPassword=password of the account shown above
ldap.authentication=simple
#User Configuration
ldap.user.baseDN=distinguishedname of the OU that will have your SonarQube user's
ldap.user.request=(sAMAccountName={0})
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
#Group Configuration
ldap.group.baseDn=distinguished name of an AD group that your sonarqube user's may belong to (I believe group configuration is optional)
ldap.group.request=(&(objectClass=group) (memberUid={uid}))
@Rickbond: to complement @kmiller’s input, whenever you fail to authenticate with AD credentials, then the debug logs (you can enable those dynamically via the System Info page) are usually very helpful in figuring out what’s going on (LDAP matters are logged in web.log ).