SonarQube Enterprise v8.9.6
Trying to use LDAP for delegated authentication
The users are able to log in, but the group membership is still not able to sync despite setting up the configuration in sonar.properties and creating the group first in the SonarQube UI.
The ldap.group.request property should look for member={dn}, not member={sAMAccountName}
Are the groups nested, i.e. are the users actually members of a child group? To enable this, you need to set the ldap.group.request property to ldap.group.request=(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={dn})). This enables recursive group lookups - don’t ask me why, I found it in a thread somewhere a few years ago.
Make sure the attribute set as ldap.group.idAttribute matches what you’re using as the group name in the SonarQube UI. Groups can have different names for cn, name, displayName, and sAMAccountName.
Thank you. The groups are not nested, but I was missing the right ldap.group.idAttribute. Setting it to the correct value helped resolve the group memberships for the users.
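The three points from the answer above, put together as a sonar.properties group-mapping fragment. This is an added example, not configuration posted in the thread; the base DN and the choice of sAMAccountName as the ID attribute are constructed placeholders.

```properties
# Added example: group mapping section of sonar.properties for Active Directory.
# The DN below is a constructed placeholder; replace it with your own.

# Where to search for group entries (placeholder DN).
ldap.group.baseDn=OU=Groups,DC=example,DC=com

# WRONG: the AD "member" attribute stores full distinguished names,
# so a filter on the login name never matches any group.
#ldap.group.request=(&(objectClass=group)(member={sAMAccountName}))

# Direct membership only: {dn} is replaced with the DN of the user
# who just authenticated.
ldap.group.request=(&(objectClass=group)(member={dn}))

# Nested groups: 1.2.840.113556.1.4.1941 is the Active Directory
# LDAP_MATCHING_RULE_IN_CHAIN matching rule, which follows the member
# chain through child groups. Use this line instead of the one above
# when users are members of a child group.
#ldap.group.request=(&(objectClass=group)(member:1.2.840.113556.1.4.1941:={dn}))

# Attribute whose value is compared with the group name created in the
# SonarQube UI. The default is cn. A group's cn, name, displayName and
# sAMAccountName can all differ, so pick the attribute whose value is
# exactly the name of the SonarQube group.
ldap.group.idAttribute=sAMAccountName
```

A group returned by the filter is only applied when a SonarQube group with that exact name already exists, so a mismatch here leaves users able to log in with no synced groups, which is the symptom described in the question.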