SonarQube 9.5.0.56709 LDAP couldn't find user

rosdyana · July 11, 2022, 3:46am

SonarQube Information:
– Version: 9.5.0.56709 Developer Edition

Hello, we are trying to enable LDAP with Active Directory in our SonarQube developer edition.
These are our current config

sonar.web.javaAdditionalOpts=-Djavax.net.ssl.trustStore=D:/sonarqube-9.5.0.56709/conf/cacerts -Djavax.net.ssl.trustStorePassword=****

sonar.security.realm=LDAP
sonar.authenticator.downcase=true
ldap.url=ldaps://****.****.****:3269

ldap.bindDn=CN=****,OU=****,OU=****,DC=****,DC=****
ldap.bindPassword=****

ldap.user.baseDn=OU=****,DC=****,DC=****
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))

Since we are using ldaps protocol, we have registered the certificate in our java trust store.

The LDAP connection is OK, but the problem is we are not able to log in because the user is not found.

We have tried to log in with these combinations

org/username
username

This is the logs

2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapUsersProvider] Requesting details for user tony_stark
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapSearch] Search: LdapSearch{baseDn=OU=****,DC=****,DC=****, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[tony_stark], attributes=[mail, cn]}
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, java.naming.security.principal=CN=****,OU=****,OU=****,DC=****,DC=****, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldaps://****.****.****:3269, java.naming.security.authentication=simple}
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][jdk.event.security]  TLSHandshake: ****.****.****:3269, TLSv1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, -131930106
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapUsersProvider] User tony_stark not found in <default>
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][auth.event] login failure [cause|No user details][method|FORM][provider|REALM|LDAP][IP|0:0:0:0:0:0:0:1|10.96.158.23:55509][login|tony_stark]

Any idea how to solve it?

Colin · July 11, 2022, 3:12pm

Hey there.

Our implementation of LDAP is not particularly complex It takes the configuration that you set and effectively performs an ldapsearch to get information from the LDAP server. This means you can debug the values you’ve passed to SonarQube just by running ldapsearch in a Unix environment.

rosdyana · July 12, 2022, 1:56am

Thank you so much @Colin, I am able to debug it with the ldapsearch. It seems I need to use specific DN in ldap.user.request to make it works.

system · July 19, 2022, 1:56am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
LDAP and Sonarqube is up and running but can't see ldap users SonarQube Server / Community Build	3	662	August 4, 2022
About the SonarQube ldaps integration problem SonarQube Server / Community Build java , ldap , ssl	4	2242	January 19, 2021
How to integrate Active Directory with SonarQube SonarQube Server / Community Build	1	654	January 2, 2023
Trouble getting integrated with Active Directory SonarQube Server / Community Build ldap , active_directory	2	8784	June 20, 2018
LDAP Authentication failing on Sonarqube 8.4.2 SonarQube Server / Community Build sonarqube	0	220	September 16, 2021

SonarQube 9.5.0.56709 LDAP couldn't find user

Related topics