Restrict login access to Sonarqube based on LDAP Group

Must-share information (formatted with Markdown):

  • which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
    Version 10.1 (build 73491)
  • how is SonarQube deployed: zip, Docker, Helm
  • what are you trying to achieve
    LDAP is setup. anyone in LDAP can login to SQ Server (security concern). I need to limit login to one or two groups in LDAP only.
    I need to limit access to “sq-group” only.
  • what have you tried so far to achieve this
    I followed Restrict access to Sonarqube based on LDAP Group Membership?.
    Is there syntax error in config (I got Authentication failed).

Anyone in LDAP can login with this:
LDAP configuration

User Configuration

Group Configuration,DC=adcorp,DC=company,DC=com{uid}))

When I change to:


Authentication failed

sq-group is a Global group in domain.

Hey there.

You’re on the right path configuring ldap.user.request.

And, I think it will be hard for somebody to help who doesn’t intimately undestand your AD setup. Here’s a few tips:

  • This page](LDAP Filter Syntax) is quite helpful in understanding LDAP queries
  • SonarQube’s LDAP integration is just a java wrapper around ldapsearch, which is useful for trying out LDAP queries.