Login name not identical to externalIdentity

Hi there,

I’m using LTS version 8.9.3 and currently I have the task to somehow sync users from SonarQube with our external Active Directory. I wrote a short script, which provides me information like the login, externalIdentity, the corresponding user from AD and so on.

During this investigations I came across the strange effect, that for some users login differs from externalIdentity. I tried to find out where SonarQube might eventually store a DN from the user somewhere to be able to connect the fields login with externalIdentity, when sAMAccountName in AD might change, but no success.

My LDAP filter is as simple as (&(objectCategory=Person)(sAMAccountName={login})), so, from my point of view a user with login=FOO and externalIdentity=BAR wont’t be able to login to SonarQube. But why has it changed in the database? Where’s the pointer to the DN? Can anyone give me some hints? The docs are not very specific, the string externalIdentity is not even found in the docs.

Many thanks in advance, regards, Thomas

Hi Thomas,

Are you sure these users weren’t created in SonarQube before you set up delegated authentication?