Unable to connect to LDAP

SonarQube Server / Community Build
1

I’m using SonarQube Server / 8.9.0.43852 and trying to connect to LDAP with the below configurations. It is not successful and throwing the below error.

Do I need any other configuration changes other than the once I used?

Sonar.properties:

sonar.security.realm=LDAP
ldap.url=ldaps://myladp:636
ldap.bindDn=cn=Service Account user,ou=####,ou=Service Accounts,dc=###,dc=##,dc=###,dc=##,dc=us
ldap.bindPassword=my password
ldap.authentication=simple
ldap.user.baseDn=ou=users,dc=##,dc=##,dc=##,dc=##,dc=##
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
ldap.group.baseDn=ou=groups,dc=##,dc=##,dc=##,dc=##,dc=##
ldap.group.request=(&(objectClass=group)(member={dn}))
sonar.ce.javaAdditionalOpts=-Djavax.net.ssl.trustStore=/opt/sonarcube/sonarqube-8.9.0.43852/conf/sonartrust -Djavax.net.ssl.trustStorePassword=######

LOGS:

2021.07.15 10:08:06 INFO  web[][o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2021.07.15 10:08:07 INFO  web[][A.A.A.A.A.C] JavaScript/TypeScript frontend is enabled
2021.07.15 10:08:07 INFO  web[][o.s.s.p.UpdateCenterClient] Update center: https://update.sonarsource.org/update-center.properties (no proxy)
2021.07.15 10:08:08 INFO  web[][o.s.s.s.LogServerId] Server ID: 60C28E54-AXoQoxbs-MC5GABbOXjp
2021.07.15 10:08:08 WARN  web[][o.s.s.a.LogOAuthWarning] For security reasons, OAuth authentication should use HTTPS. You should set the property 'Administratio                                                n > Configuration > Server base URL' to a HTTPS URL.
2021.07.15 10:08:08 INFO  web[][org.sonar.INFO] Security realm: LDAP
2021.07.15 10:08:08 INFO  web[][o.s.a.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=ou=users,dc=som,dc=ad,dc=state,dc=mi,dc=us, request=(&(objectC                                                lass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2021.07.15 10:08:08 INFO  web[][o.s.a.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=groups,dc=som,dc=ad,dc=state,dc=mi,dc=us, idAttribute=cn,                                                 requiredUserAttributes=[dn], request=(&(objectClass=group)(member={0}))}
2021.07.15 10:08:08 INFO  web[][o.s.a.l.LdapContextFactory] Test LDAP connection: FAIL
2021.07.15 10:08:08 ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube
org.sonar.api.utils.SonarException: Security realm fails to start: Unable to open LDAP connection
        at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:93)
        at org.sonar.core.platform.StartableCloseableSafeLifecyleStrategy.start(StartableCloseableSafeLifecyleStrategy.java:40)
        at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
        at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
        at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
        at org.picocontainer.behaviors.Stored.start(Stored.java:110)
        at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
        at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
        at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:136)
        at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)
        at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:581)
        at org.sonar.server.platform.PlatformImpl.start(PlatformImpl.java:213)
        at org.sonar.server.platform.PlatformImpl.startLevel34Containers(PlatformImpl.java:187)
        at org.sonar.server.platform.PlatformImpl.access$500(PlatformImpl.java:46)
        at org.sonar.server.platform.PlatformImpl$1.lambda$doRun$0(PlatformImpl.java:120)
        at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.runIfNotAborted(PlatformImpl.java:370)
        at org.sonar.server.platform.PlatformImpl$1.doRun(PlatformImpl.java:120)
        at org.sonar.server.platform.PlatformImpl$AutoStarterRunnable.run(PlatformImpl.java:354)
        at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: org.sonar.auth.ldap.LdapException: Unable to open LDAP connection
        at org.sonar.auth.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:214)
        at org.sonar.auth.ldap.LdapRealm.init(LdapRealm.java:63)
        at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:87)
        ... 19 common frames omitted
Caused by: javax.naming.CommunicationException: simple bind failed: ##############:636
        at java.naming/com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
        at java.naming/com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2895)
        at java.naming/com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:348)
        at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(LdapCtxFactory.java:262)
        at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:226)
        at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:280)
        at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:185)
        at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:115)
        at java.naming/javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:730)
        at java.naming/javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:305)
        at java.naming/javax.naming.InitialContext.init(InitialContext.java:236)
        at java.naming/javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
        at org.sonar.auth.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:137)
        at org.sonar.auth.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:95)
        at org.sonar.auth.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:210)
        ... 21 common frames omitted
Caused by: java.net.SocketException: Connection or outbound has closed
        at java.base/sun.security.ssl.SSLSocketImpl$AppOutputStream.write(SSLSocketImpl.java:1205)
        at java.base/java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:81)
        at java.base/java.io.BufferedOutputStream.flush(BufferedOutputStream.java:142)
        at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Connection.java:414)
        at java.naming/com.sun.jndi.ldap.Connection.writeRequest(Connection.java:387)
        at java.naming/com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
        at java.naming/com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
        ... 35 common frames omitted
2021.07.15 10:08:08 INFO  web[][o.s.p.ProcessEntryPoint] Hard stopping process
2

Hi,

The best thing to do here is to perfect your LDAP connection settings outside of SonarQube. I have used a standalone LDAP client for this in the past.

 
HTH,
Ann

3

Hi
Have you found the root cause for this?
I have the same problem upgrading from 8.2 to 8.9.6.
Thanks!

Dian

4

Hi,
Does this issue is fixed? Pls post the solution it will be helpful for me.
Can we integrate SonarQube with Acitve Directory?

Thanks