Restricting login to users from a specific LDAP/AD group

active_directory
ldap

(Nicolas Bontoux) #1

This is expected behaviour. With the LDAP Plugin SonarQube fully delegates authentication to your LDAP/AD server. If you wish authentication to be denied based on group membership then you need to check with your AD owners how that could be achieved (knowing that all you’re configuring on your side is the set of baseDn and request).

Another (maybe more simple) approach would be to leverage permissions to lock-out any access to sensitive data: basically adjust permissions so that any user belonging only to sonar-users group would effectively have no permission at all over existing projects.


Having issues while setting up Active directory with sonarqube?
Having issues while setting up Active directory with sonarqube?