Hey all! We’ve just successfully moved our user accounts from utilizing LDAP login to SAML login. At this point, we want to unhook LDAP login; however, we have a couple of “LDAP” accounts that have not been switched to SAML that we still need. When I look at the account conversion types, it looks like LDAP and local accounts share the same backend “key” of “sonarqube”. Does SonarQube store the login password for these accounts, or is it always passing it to LDAP? In other words, if we want remove LDAP auth but we still want to be able to login into a couple accounts “locally” (not through SAML), what needs to happen to ensure those logins still work locally to SonarQube?
We don’t store LDAP passwords locally. For those accounts you want to transition from LDAP to local, update them through the UI to set a password and they’re local.
Awesome, thank you! Can I set that password before disconnecting the LDAP connection? As in, Log them in through LDAP > Update password > now they’re “local” accounts > Kill LDAP connection?
they’re local.