Sonarqube and Microsoft Active Directory connection


mrc...@gmail.com

Jun 6, 2018, 12:11:26 AM
to SonarQube
Hi,

I am evaluating SonarQube Developer edition v6.7.3.38370 with LDAP v2.2 (build 608) plugin.

I have tried to configure SonarQube to our company's Active Directory but with no connection to our server at all. I have seen numerous posts suggesting that the logs should be set to debug in "sonar.properties" and that in the logs I should be able to see LDAP messages. I cannot see any of these connection or even error messages appearing at all. There is one clue that I could see from the logs that suggests that SonarQube still thinks that it is in local authentication mode:

DEBUG web[][auth.event] login failure [cause|No active user for login][method|FORM][provider|LOCAL|local][IP|10.0.2.2|][login|username]
DEBUG web[][auth.event] login success [method|FORM][provider|LOCAL|local][IP|10.0.2.2|][login|admin]

I have restarted the server numerous times with different configurations but have yet to see an LDAP connect message in the logs.

Also this is a docker container, I don't know if this makes any difference.


Here is the excerpt from sonar.properties relating to the LDAP server setup: (using an account created on our AD called bitbucke...@thiscompany.local)

# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
sonar.authenticator.downcase=true
ldap.followReferrals=false
ldap.authentication=simple
ldap.realm=thiscompany.local
ldap.url=ldap://server15.thiscompany.local:389
ldap.bindDn=cn=bitbucket.service,OU=Users,OU=MyBusiness,DC=thiscompany,DC=local
ldap.bindPassword=thepassword
# User Configuration
ldap.user.baseDn=dc=thiscompany,dc=local
ldap.user.request=(&(objectCategory=Person)(sAMAccountName={login}))
ldap.user.realNameAttribute=displayName
ldap.user.emailAttribute=mail

dchri...@gmail.com

Jun 6, 2018, 2:28:00 PM
to SonarQube
Here is what my settings are that work:

sonar.security.realm=LDAP
ldap.url=ldaps://ldaps.my.company.com/
ldap.bindDn=_sonarlda@my.company.com
ldap.bindPassword=p@$sW0rD

# User Configuration
ldap.user.baseDn=DC=my,DC=CompanyNet,DC=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail

# Group Configuration
ldap.group.baseDn=OU=Groups,DC=my,DC=CompanyNet,DC=com
ldap.group.request=(&(objectClass=group)(member={dn}))

You may have some settings that are not needed.


mrc...@gmail.com

Jun 7, 2018, 8:29:42 PM
to SonarQube
I have cleaned up my config a bit now:

# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
ldap.url=ldap://server15.thiscompany.local
ldap.bindDn=bitbucke...@thiscompany.local
ldap.bindPassword=thepassword

# User Configuration
ldap.user.baseDn=dc=thiscompany,dc=local

ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail


Still I am not getting any feedback in the logs regarding LDAP connection messages even with the logs set to Debug. Is there any other way to debug this issue?
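
Added example, not part of any post in this thread and not SonarQube code: a small Python check that parses the auth.event lines quoted in the first post and compares the provider they record with the realm that a sonar.properties excerpt requests. The function names are hypothetical, and the check only reproduces the observation made in the thread; it does not identify the cause.

```python
import re

# Log lines copied from the first post in this thread.
SAMPLE_LOG = """\
DEBUG web[][auth.event] login failure [cause|No active user for login][method|FORM][provider|LOCAL|local][IP|10.0.2.2|][login|username]
DEBUG web[][auth.event] login success [method|FORM][provider|LOCAL|local][IP|10.0.2.2|][login|admin]
"""

# Excerpt of the properties from the last post (bind settings left out).
SAMPLE_PROPS = """\
# LDAP configuration
sonar.security.realm=LDAP
ldap.url=ldap://server15.thiscompany.local
ldap.user.baseDn=dc=thiscompany,dc=local
"""

EVENT = re.compile(r"\[auth\.event\] login (success|failure) (.*)$")
FIELD = re.compile(r"\[([^|\]]+)\|([^\]]*)\]")

def parse_auth_events(text):
    """Return one dict per auth.event line: outcome plus each [key|v1|v2] field as a list."""
    events = []
    for line in text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        event = {"outcome": m.group(1)}
        for key, rest in FIELD.findall(m.group(2)):
            event[key] = rest.split("|")
        events.append(event)
    return events

def effective_properties(text):
    """Minimal .properties reader: skips blanks and comments, last duplicate key wins."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#!" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        props[key.strip()] = value.strip()
    return props

def realm_mismatch(props_text, log_text):
    """True when the file requests a realm but every logged login used provider LOCAL."""
    realm = effective_properties(props_text).get("sonar.security.realm")
    providers = {e["provider"][0] for e in parse_auth_events(log_text) if "provider" in e}
    return bool(realm) and providers == {"LOCAL"}
```

Running `effective_properties` on the sonar.properties file read from inside the running container shows which values that file actually carries, since commented-out lines are skipped and a later duplicate key overrides an earlier one.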