which versions are you using (SonarQube, Scanner, Plugin, and any relevant extension)
what are you trying to achieve
what have you tried so far to achieve this
SonarQube version - 8.9 LTS
We already have the AAD plugin
I am trying to implement SSO on SONARQUBE . But I am unable to do it .
Under Administration → Azure Active Directory ,
Group Synchronization is disabled .
Should I enable that ? Or it will create a disaster and all the groups of AD will get lost in Sonarqube .
Please guide me should I proceed or not .
So you know, that plugin isn’t maintained or supported by SonarSource. In fact based on the repo, it’s not clear to me that it’s currently maintained at all (altho to be fair, it’s perfectly possible that no changes have been needed in the last 2 years).
And to answer your question, it shouldn’t be possible to mess up anything in AD by turning on groups synchronization in SonarQube. That feature simply updates the SonarQube-local copy of the user record with a current set of user groups (copied from AAD) at each login.
There are already groups in Active Directory which are in synch with SONARQUBE.
So my question is that , if I enable that Group Synchronization , will it affect already existing group ? Will the Group and permission break ?
When using group mapping, the following caveats apply regardless of which delegated authentication method is used:
membership in synchronized groups will override any membership locally configured in SonarQube at each login
membership in a group is synched only if a group with the same name exists in SonarQube
membership in the default group sonar-users remains (this is a built-in group) even if the group does not exist in the identity provider
When group mapping is configured, the delegated authentication source becomes the one and only place to manage group membership, and the user’s groups are re-fetched with each log in.
I am not following that document . I am following this process -
Also I have another question . What if the group Synchronization is already enabled and I first disable it and then enable . Then how it will affect the existing group ?will it overwrite the group or create another copy of all group?