- SonarQube Information:
– Version: 9.5.0.56709 Developer Edition
Hello, we are trying to enable LDAP with Active Directory in our SonarQube developer edition.
This is our current config:
sonar.web.javaAdditionalOpts=-Djavax.net.ssl.trustStore=D:/sonarqube-9.5.0.56709/conf/cacerts -Djavax.net.ssl.trustStorePassword=****
sonar.security.realm=LDAP
sonar.authenticator.downcase=true
ldap.url=ldaps://****.****.****:3269
ldap.bindDn=CN=****,OU=****,OU=****,DC=****,DC=****
ldap.bindPassword=****
ldap.user.baseDn=OU=****,DC=****,DC=****
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
Since we are using the ldaps protocol, we have registered the certificate in our Java trust store.
The LDAP connection is OK, but the problem is we are not able to log in because the user is not found.
We have tried to log in with these combinations:
- org/username
- username
These are the logs:
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapUsersProvider] Requesting details for user tony_stark
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapSearch] Search: LdapSearch{baseDn=OU=****,DC=****,DC=****, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[tony_stark], attributes=[mail, cn]}
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapContextFactory] Initializing LDAP context {java.naming.referral=follow, java.naming.security.principal=CN=****,OU=****,OU=****,DC=****,DC=****, com.sun.jndi.ldap.connect.pool=true, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.provider.url=ldaps://****.****.****:3269, java.naming.security.authentication=simple}
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][jdk.event.security] TLSHandshake: ****.****.****:3269, TLSv1.2, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, -131930106
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][o.s.a.l.LdapUsersProvider] User tony_stark not found in <default>
2022.07.11 11:30:39 DEBUG web[AYHrTq6qldIUpIRUAAAG][auth.event] login failure [cause|No user details][method|FORM][provider|REALM|LDAP][IP|0:0:0:0:0:0:0:1|10.96.158.23:55509][login|tony_stark]
Any idea how to solve it?
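
An added example, not part of the original post: a small Python helper that rebuilds the search shown in the `LdapSearch` log line (same base DN, subtree scope, filter and attributes) as an OpenLDAP `ldapsearch` command, so the lookup can be repeated outside SonarQube with the same bind account. The host name and DNs in the sample are constructed placeholders for the masked values, and it assumes the `ldapsearch` client is installed.

```python
import shlex

# Constructed sample: same keys as the post's config, masked values replaced by placeholders.
SAMPLE_PROPERTIES = """\
ldap.url=ldaps://dc.example.test:3269
ldap.bindDn=CN=svc-sonar,OU=Service,DC=example,DC=test
ldap.user.baseDn=OU=Staff,DC=example,DC=test
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
"""

# Characters that must be escaped inside an LDAP filter value (RFC 4515).
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def parse_properties(text):
    """Parse key=value lines, splitting on the first '=' only (DNs contain '=')."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props


def escape_filter_value(value):
    """Escape a login so it is treated as a literal value, not filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(template, login):
    """Substitute {login} into ldap.user.request, as the logged search does with {0}."""
    return template.replace("{login}", escape_filter_value(login))


def ldapsearch_argv(props, login):
    """argv for the same search: simple bind (-x), password prompt (-W), subtree scope."""
    return ["ldapsearch", "-x", "-H", props["ldap.url"],
            "-D", props["ldap.bindDn"], "-W",
            "-b", props["ldap.user.baseDn"], "-s", "sub",
            build_filter(props["ldap.user.request"], login), "mail", "cn"]


if __name__ == "__main__":
    props = parse_properties(SAMPLE_PROPERTIES)
    print(shlex.join(ldapsearch_argv(props, "tony_stark")))
```

If the printed command, run with the real values, also returns no entry, the base DN, filter or bind account's read permissions are the place to look rather than SonarQube itself.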