Incorrect creation of Sonar users from LDAP since upgrading to version 9

  • Sonarqube 9.9.4
  • Deploy: zip and Helm

In our company we have configured the company’s LDAP in Sonar.

Until the update to version 9, when a user logged in for the first time, the Sonar username was created exactly the same as their ldap user.

However, since version 9, despite the fact that users continue to authenticate with their ldap username and password, the user that is generated in sonar when performing the first login is no longer their ldap user, but

“name”-“surname”“random 5-digit number”

We haven’t changed the ldap settings in Sonar with the Sonar version change.

Why this change in user generation? Is there anything that can be changed so that Sonar users are generated with the ldap user as was the case before?


This change was introduce to handle instances connected with multiple LDAP servers, to avoid the risk of misidentification.

You can find the details here.

The change can’t be avoided.


1 Like

Thank you very much for your reply.

The main problem we have due to the change is that, when we search for a post-upgrade user by their ldap identifier to register them in a group, the search engine does not find them.
In order to find it, we have to enter the user’s name and surname. And we normally use for all the user management the ldap identifier.

And now we have users, the pre-upgrade users, whose local login is the ldap identifier, and others, the post-upgrade users, whose local login is the new format.

Hi @yago,

As I understand, your need is to be able to search users by their external login in SonarQube for some automation?

The API /api/v2/users-management/users?externalIdentity=<extIdentity> was designed especially for that.

However, to access this endpoint, you will need to upgrade to SonarQube 10.5.


Hi Aurélien,

It is not for automation. It is simply for assign user to groups in the Sonar web.

The data that we know about the user that we have to assign to a group is his ldap id, not his name and surname. But if we search, in the window where the users are assigned to groups in the sonar web, with the ldap id, we don’t find him.

So, we have to go to our ldap, search the name and surname of the ldap id, go back to sonar and search the user with his name and surname, and then we do find it and then we can assign it to the group.

Before Sonar 9 version, we only had to search the user in the window where the users are assigned to groups with his ldap id and we found it. it was much more faster.