User and Group Permissions

Hi I’m using Sonar Version 7.6 (build 21501).
I connect it to LDAP.
I want to give to specific group an Administration permissions.
After i defined to this group the permissions everything works fine, but when they log out and again log in, all the permissions gone.

What I’m doing wrong ?

As noted in the documentation on Delegated Authentication

When group mapping is configured (i.e the below ldap.group.* properties are configured), membership in LDAP server will override any membership locally configured in SonarQube. LDAP server becomes the one and only place to manage group membership (and the info is fetched each time the user logs in).

This applies to other forms of delegated authentication as well (SSO, etc.)

Have you delegated group mapping to an external authentication source?

And for the record, this point will be much clearer in the docs for 7.8, forward.

1 Like

So how do we give admin permission to the group?

Hi,

these are the steps running Sonarqube in a Windows environment with Active Directory:

  1. Activate LDAP configuration in %SONARQUBE_HOME%/conf.sonar.properties
  2. Create your admin group in Active Directory - e.g. Sonarqube-Admin - and add users
  3. Create a Group with exactly the same name in Sonarqube
  4. Give all permissions to that group via Administration/Security/Global Permissions
    (https://yoursonarhost/admin/permissions) = Administer System,Administer, Execute Analysis and
    Create

Now after login, every user that is member of the Sonarqube-Admin AD group will automatically become a member of the related Sonarqube group Sonarqube-Admin and have all permissions.

Regards,
Gilbert

1 Like

Hi I did what you offer me, but I still not get the same privilege that admin have.
What I’m doing wrong ?