Sonarqube Configure Multiple AD groups

Team,
I am trying to Configure Sonar LDAP AD group configuration. in our case we have multiple teams and each team has a different AD group.
Strangely i could see only one AD group users getting synced in Sonar. And other AD groups are not having access to Sonar server. Despite they are all identical with just name change. Please let me know where i am going wrong in configuring the AD groups.

My config in sonar.properties

GROUP MAPPING

ldap.group.request=(&(objectClass=group)(member={dn}))
ldap.group.idAttribute=sAMAccountName

#teamA
ldap.group.baseDn=CN=teamA,OU=Users,OU=MyBusiness,OU=MyDomain,DC=Company,DC=local
#teamB
ldap.group.baseDn=CN=teamB,OU=Users,OU=MyBusiness,OU=MyDomain,DC=Company,DC=local
#teamC
ldap.group.baseDn=CN=teamC,OU=Users,OU=MyBusiness,OU=MyDomain,DC=Company,DC=local

  • SonarQube Community Edition
  • Version 8.4.1 (build 35646)
1 Like

I might be wrong, but I think the config file will only read one line of ldap.group.baseDN.

How about you remove CN from ldap.group.baseDN and have a specific login AD group on ldap.user.request? Then define the login group + teamA-C in Sonarqube gui under Security->Groups?

That way works for me and it populates my accounts only with the AD groups that has a match in sonarqube.
Edit: Something like this, adjust CN, OU, DC etc to your settings

ldap.user.baseDn=OU=Users,OU=groups,DC=local

ldap.user.request=(&(objectClass=user)(sAMAccountName={login})(memberOf=CN=MY_SQ_LOGIN_GROUP,OU=UserApplications,OU=Groups,OU=MyDomain,DC=local))
2 Likes

yes thanks.
Tried the same…
only one ldap.user.request was read that is the last entry that why one one group was syncing the users.

i used below and all groups were configured from Sonar UI.

ldap.group.request=(&(objectClass=group)(member={dn}))
ldap.group.idAttribute=sAMAccountName
ldap.group.baseDn=OU=Users,OU=MyBusiness,OU=MyDomain,DC=Company,DC=local

3 Likes

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.