SAML authentication + LDAP (AD) groups for permissions / authorization

jblaine · February 26, 2026, 8:39pm

Hello, we have an Enterprise 2025.4 LTA zip installation. We need to switch authentication provider over to SAML for MFA (done) yet retain our LDAP-based resolution of groups from Active Directory. So far, all of the other applications we have configured this way work fine and retain the separation of authentication and authorization.

Our recent testing shows that switching to SAML authentication has broken our AD group resolution for permissions management.

Is that expected?

Is the described configuration supported?

ganncamp · February 27, 2026, 5:09pm

Hi,

Unfortunately, what you’re describing is expected. Delegating to two different systems to manage the different aspects is not something we planned for.

Would you mind providing a little more detail on why you need to keep group management in LDAP?

Thx,
Ann

jblaine · February 27, 2026, 8:13pm

>why

Because Active Directory is where our thousands of groups are defined and managed.

Topic		Replies	Views
SAML for authentication, LDAP for authorization SonarQube Server / Community Build sonarqube , ldap , authentication , saml , authorization	2	689	March 4, 2022
Sync SonarQube Groups with AD SonarQube Server / Community Build active_directory , sso	1	58	August 15, 2024
Automate adding users to a security group SonarQube Server / Community Build sonarqube , authentication , saml	3	1261	June 8, 2020
SAML authentication with Entra Id - groups missing SonarQube Server / Community Build	3	102	March 4, 2025
SAML login won't sync groups for user SonarQube Server / Community Build sonarqube , saml , sonarqube-team	2	1557	January 4, 2022

SAML authentication + LDAP (AD) groups for permissions / authorization

Related topics