nomie788
(Nomie788)
July 29, 2022, 2:41pm
1
Must-share information (formatted with Markdown ):
SonarQube Developer Edition
Need to restrict admin and User Access to authorized AD Users and Groups.
LDAP integration is complete. Currently any AD User is able to log into SonarQube. We need to restrict it to specific Groups and users
ganncamp
(G Ann Campbell)
August 1, 2022, 1:41pm
2
Hi,
Welcome to the community!
Users are going to be created on first login. But you can restrict what they can see by tightly controlling ‘Browse’ permissions on your projects.
Does that help?
Ann
nomie788
(Nomie788)
August 1, 2022, 3:09pm
3
Hi thanks for the reply. the method we are trying to implement is limiting access to Ad groups.
we should have the option to add an ad group to sonarqube and limit everyone else. at the moment with ldap integration any ad user is able to log in.
ganncamp
(G Ann Campbell)
August 1, 2022, 3:14pm
4
Hi,
Your best bet for this is to somehow craft your lookup strings so that only users in your target group are found at login.
HTH,
Ann
nomie788
(Nomie788)
August 3, 2022, 4:04pm
5
This method worked for me.
ldap.user.request=(&(objectClass=user)(sAMAccountName={login})(memberOf=CN=ldap-sonar-users,OU=groups,DC=example,DC=com))
Restricting login to users from a specific LDAP/AD group - SonarQube - Sonar Community (sonarsource.com)
1 Like