Unable to edit portfolio with LDAP user

Hello SonarQube Community,

  • which version: SonarQube

  • how is configured my instance:

My instance of SonarQube is connected to Active Directory.
AD users are able to log-in to SonarQube with their AD account.
I have configured groups in SonarQube (same group names as in AD) with different sets of permissions for different kind of users.


The permissions are correctly applied when the different users log-in: a user that belongs to MyGroup-Admin is able to administrate the instance, while a user that belongs to MyGroup-DevOps can’t.

  • what are you trying to achieve:

I log-in with an AD user that belongs to MyGroup-Admin, and I want to edit portfolios, but I can’t as I don’t see “Portfolio Settings” on the top.

Whereas, if I log-in with a user that I have created in SonarQube, which has the exact same permissions as the ones set for MyGroup-Admin, and which belongs to sonar-administrators, I am able to edit portfolios as I can see and click on “Portfolio Settings”.

  • what have you tried so far to achieve this:

I have tried to assign the group ‘sonar-administrators’ to the specific users that connect from AD, but it keeps on being removed when they log-in to SonarQube.

I would rather not adding ‘sonar-administrators’ as a group in AD.

Any idea what could be the issue? Can you please help me with that?

Thank you very much!


Hey Guillaume,

Make sure that the permission template being applied to new Portfolios contains the groups you need (MyGroup-Admin).

For existing portfolios you can reapply a permission template (Global Administration > Projects > Management and filter to Portfolios) or just add the group in the Portfolio settings while logged in with a local user belonging to sonar-administrators.

Brilliant! Thanks a lot Colin, I got what I wanted after updating the Permission Template.

edit: Happy Birthday Colin :birthday:


1 Like

Hey @ggoisset i have just asked a question concerning SSO here and now i read your question/concern here … and i think to myself:

wait, maybe Guillaume - in his setting - did find a solution how to SSO while using AD-LDAPS! :innocent:

so … if i may ask … did you? Are you using SSO for your users or do they have to manually enter credentials? :nerd_face:

thank you for consideration! :blush: :pray:


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.