Hello,
We recently had our underlying LDAP service changed from Sun Microsystems to Ping authentication, this did not seem to cause any visible issues at the time of the upgrade, but now some users who have changed their passwords cannot seem to login to our Sonarqube instance, when they try they receive this error:
2020.11.30 15:09:58 DEBUG web[AXYZ3UdoW2PiQKDvAOvd][auth.event] login failure [cause|Email 'NARENDRA.MANNA@LibertyMutual.com' is already used][method|FORM][provider|REALM|LDAP][IP|10.225.33.123|10.235.80.225, 10.235.80.225][login|N0204293]
Additionally I see the Users who are trying to login already exist in Sonar and they report they have had access prior to this change. Based on the below article it seems that during authentication users cannot use an email in use by another user.
I think what is happening is that now that the underlying LDAP has changed and the user’s changed their password, Sonarqube thinks that they are a difference user and denies them due to conflicting email addresses. Does anyone know a way this can be remedied, preferably without an outage? Alternatively does anyone have a query or action that will let me remove and re-sync the users in our Sonarqube instance?
Sonarqube version 8.4.1.
Thanks,
Brandon
Edit: It looks like we do not see this issue for new users, only for users that logged in prior to this LDAP change. Additionally I cannot deactivate users using the UI that are having this authentication issue.