Configuring LDAP with nested groups

Hello,
I need some help to configure LDAP management in SonarQube.
I’m using SonarQube 7.9.1 (Community Edition) and LDAP plugin 2.2 (build 608).

Currently, users can authenticate using their LDAP login/password. The issue is with group management. We have set up for SonarQube a group that contains two others.

For example:

  • SonarQube-Users
    . SonarQube-Group1
    . SonarQube-Group2

In SonarQube administration, we have created the corresponding groups (SonarQube-Users, SonarQube-Group1, SonarQube-Group2).

Test case
We have a user belonging to SonarQube-Group1.

Result
When I log in to SonarQube, my user has been added to the group SonarQube-Users.
Log extract:
“List of groups returned by the identity provider [SonarQube-Users]”
What seems weird is that there is always only one group retrieved.

Expected Result
When I log in to SonarQube, my user is added to SonarQube-Users AND SonarQube-Group1.

The current configuration for group mapping is:

  • ldap.group.baseDn=CN=SonarQube-Users,CN=Users,DC=domain,DC=com
  • ldap.group.request=(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={dn}))
  • ldap.group.idAttribute=cn

[EDIT]
I saw in this post that someone managed to make it work, but I have the same configuration as his.

Is there someone who could provide me some help for this issue?

Thank you in advance.

Regards,
Lorenzo Miceli

OK, I found out what went wrong.
It was the property ‘ldap.group.baseDn’ that was not well configured, as we were searching for groups in the wrong OU.
A tool helped me to figure this out (if anyone is interested): http://www.ldapadmin.org/

2 Likes
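An added example, not part of the original posts or of SonarQube's code: a small in-memory model of the group search, showing why a `ldap.group.baseDn` that points at the parent group's own entry returns only `[SonarQube-Users]` even though the in-chain filter resolves nesting. The directory layout (all groups as siblings under `CN=Users`), the user `jdoe`, the subtree search scope and the function names are assumptions made for the illustration.

```python
# Constructed directory (assumption): DN -> attributes. Group nesting lives in
# the "member" attribute, not in where an entry sits in the directory tree.
CONTAINER = "CN=Users,DC=domain,DC=com"
USER_DN = f"CN=jdoe,{CONTAINER}"  # hypothetical user
DIRECTORY = {
    USER_DN: {"objectClass": "user", "cn": "jdoe", "member": []},
    f"CN=SonarQube-Users,{CONTAINER}": {
        "objectClass": "group", "cn": "SonarQube-Users",
        "member": [f"CN=SonarQube-Group1,{CONTAINER}",
                   f"CN=SonarQube-Group2,{CONTAINER}"]},
    f"CN=SonarQube-Group1,{CONTAINER}": {
        "objectClass": "group", "cn": "SonarQube-Group1", "member": [USER_DN]},
    f"CN=SonarQube-Group2,{CONTAINER}": {
        "objectClass": "group", "cn": "SonarQube-Group2", "member": []},
}


def in_subtree(dn, base_dn):
    """Subtree scope: the base entry itself or anything below it in the tree."""
    dn, base_dn = dn.lower(), base_dn.lower()
    return dn == base_dn or dn.endswith("," + base_dn)


def member_in_chain(group_dn, user_dn, seen=None):
    """Models member:1.2.840.113556.1.4.1941:= (direct or nested membership)."""
    seen = set() if seen is None else seen
    if group_dn in seen:  # guard against circular nesting
        return False
    seen.add(group_dn)
    members = DIRECTORY.get(group_dn, {}).get("member", [])
    return any(m == user_dn or member_in_chain(m, user_dn, seen) for m in members)


def search_groups(base_dn, user_dn):
    """Models (&(objectClass=group)(member:...:={dn})) searched under base_dn,
    returning the idAttribute (cn) of each match."""
    return sorted(
        attrs["cn"] for dn, attrs in DIRECTORY.items()
        if in_subtree(dn, base_dn)
        and attrs["objectClass"] == "group"
        and member_in_chain(dn, user_dn)
    )


if __name__ == "__main__":
    # baseDn as configured in the question: the parent group's own entry.
    print(search_groups(f"CN=SonarQube-Users,{CONTAINER}", USER_DN))
    # baseDn set to the container that actually holds the group entries.
    print(search_groups(CONTAINER, USER_DN))
```

The filter decides which groups match; the base DN decides which entries are examined at all, so a nested group stored outside the search base is never returned.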