SonarQube Community Edition Azure AD integration

Hi,

I’m using the 9.9 LTS version of SonarQube Community Edition, deployed using the zip file.
I have set up SAML authentication using Azure AD with group syncing enabled. Users are able to log in using SAML, but users are not being added to the groups. I have made sure that the names of the groups in Azure AD and SonarQube match.

Am I missing something here? Does Sonar community edition support AD group synching?

Hey there.

You’ll probably need to take a look at the SAML Response (which should be visible in your web.log file with DEBUG level logging turned on) to find out, after initiating a login:

  • Is group information actually being returned in the SAML Response?
  • Is the value you’re supplying for sonar.auth.saml.group.name valid?

Hi Colin,

I checked the logs as you suggested.

  • Is group information actually being returned in the SAML Response?

In the SAML response I see that group information is being returned, but instead of the group name it’s returning the group ID.

  • Is the value you’re supplying for sonar.auth.saml.group.name valid?

Yes. I have added “http://schemas.microsoft.com/ws/2008/06/identity/claims/groups” for the value.

Then you’ll probably need to sort out how to get the actual group name to be returned from your provider – which is a better question for Microsoft than us!

Thanks Colin! Issue is resolved. I had to enable the option to send group name as well in the AD.

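The check discussed in this thread, as an added example (not code from any poster or from SonarQube): it reads a decoded SAML response, pulls the values of the attribute configured in sonar.auth.saml.group.name, and reports which values are object IDs rather than group names. The function names, the sample response and the group names are constructed for illustration, and the name comparison is assumed to be exact and case-sensitive.

```python
import re
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
# Value the poster set for sonar.auth.saml.group.name
GROUP_ATTR = "http://schemas.microsoft.com/ws/2008/06/identity/claims/groups"
GUID_RE = re.compile(
    r"^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$", re.I)

# Constructed sample: a trimmed, unencrypted response copied from your own
# DEBUG log. This is a diagnostic only; it does not validate signatures.
SAMPLE_RESPONSE = """<samlp:Response
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion><saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groups">
      <saml:AttributeValue>11111111-2222-3333-4444-555555555555</saml:AttributeValue>
      <saml:AttributeValue>sonar-administrators</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement></saml:Assertion>
</samlp:Response>"""


def group_values(response_xml, attr_name=GROUP_ATTR):
    """Return every AttributeValue of the attribute named attr_name."""
    root = ET.fromstring(response_xml)
    values = []
    for attr in root.iterfind(".//saml:Attribute", SAML_NS):
        if attr.get("Name") == attr_name:
            values += [(v.text or "").strip()
                       for v in attr.iterfind("saml:AttributeValue", SAML_NS)]
    return values


def diagnose(response_xml, sonar_groups, attr_name=GROUP_ATTR):
    """Answer both questions from the thread for one response."""
    values = group_values(response_xml, attr_name)
    names = [v for v in values if not GUID_RE.match(v)]
    return {
        "attribute_present": bool(values),  # is group info returned at all?
        "object_ids": [v for v in values if GUID_RE.match(v)],  # IDs, not names
        "matched": [v for v in names if v in sonar_groups],
        "unmatched_names": [v for v in names if v not in sonar_groups],
    }


if __name__ == "__main__":
    # Constructed SonarQube group names to compare against
    print(diagnose(SAMPLE_RESPONSE, {"sonar-administrators", "sonar-users"}))
```

A non-empty `object_ids` list with an empty `matched` list is the situation described in the thread: the provider is sending group IDs where SonarQube expects names.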