Define additional SCM Accounts for users from LDAP configuration

authentication

(Jose Maria Cubel) #1

Hello.

Supose that in a project, SCM user authentication field is different from SonarQube login field. Supose that both fields come from the same LDAP/AD user object.

As default SCM accounts for SonarQube users are login and e-mail (see ‘Automatic Issue Assignment > User Correlation’) , in my case, issues are not properly correlated to SonarQube users

The way to match SCM and SonarQube accounts is setting additional SCM accounts for each SonarQube user.

Is it possible to set additional SCM accounts to users in LDAP/AD authentication config in order to apply this accounts automatically?

Regards

JM


(Julien Lancelot) #2

Hi Jose,

It’s not possible to specify SCM accounts when using LDAP authentication, however you can manually set them.

As a system administrator, this can be done by :

Regards,
Julien Lancelot


(Jose Maria Cubel) #3

Thanks @julienlancelot.

I have already considered to use your proposed solutions, but they imply performing periodical manual changes to keep SCM accounts up to date.

I was looking for a configuration in LDAP Authentication configuration similar to this one in order to map a single or several ldap attributes to SCM accounts:

ldap.user.scmAccountsAttributes=<ldapAttribute1>,<ldapAttribute2>,<ldapAttribute3>...

Would you mind considering to add this property as an improvement in LDAP configuration in the future?

Regards

JM


(Julien Lancelot) #4

I understand that using web service is requiring manual operations.

If we do this sync during authentication, as a downside it means that it will override what has been done in UI/WS.

Let’s keep this thread open and see if there are more tractions.

Regards,
Julien Lancelot


(Jose Maria Cubel) #5

I see your point.

Maybe if scmAccounts are set at LDAP level, this functionallity should be locked or disabled at UI/WS level (in the same way you can’t edit name nor reset passwords for LDAP users).

Regards

JM