Having issues while setting up Active directory with sonarqube?

[vijay...@gmail.com]

Hi All,

We are using Sonarqube-6.7.2 version and which is running on linux machine. I am trying to integrate with Active Directory, I have installed the LDAP plugin(2.2) from the marketplace and modified the sonar.properties file which under Sonarqube HOME Directory. After adding the below properties and when I restart the application service the strange thing is happening, the application is going down in 2mins. 

I followed this document - https://docs.sonarqube.org/display/PLUG/LDAP+Plugin

# ACTIVE DIRECTORY

sonar.security.realm=LDAP

ldap.url=ldap://ad1-corp:389

ldap.bindDN=CN=svc-sonarqube,OU=Service Accounts,OU=Admin,DC=ad1,DC=corp

ldap.bindPassword=**********

# User Configuration

ldap.user.baseDn DC=ad1,DC=corp

ldap.user.request=(&(objectCategory=Person)(sAMAccountName=*))

ldap.user.realNameAttribute=cn

ldap.user.emailAttribute=mail

# Group Configuration

ldap.group.baseDn OU=IT,OU=File Share Groups,OU=company,DC=ad1,DC=corp

ldap.group.request=(&(objectClass=group)(|(cn=SonarAdmin)(cn=SonarUser)(cn=SonarLead)))

I have restarted application-service numerous times with different configurations but haven't seen LDAP connect message in the logs.

In the logs, I didn't see any errors related to AD or LDAP.

In the sonar.log file, I noticed one warning message

 WARN  app[][o.s.a.p.AbstractProcessMonitor] Process exited with exit value [es]: 143

In the es.log file, there is one warning

WARN  es[][o.e.b.BootstrapChecks] max file descriptors [4096] for elasticsearch process is too low, increase to at least [65536]

Can anyone help me with this integration, Thanks in Advance!

[vijay...@gmail.com]

Hi All,

I have checked the web.log file, I am getting this error when I restart the application service.

2018.06.06 15:42:42 INFO  web[][org.sonar.INFO] Security realm: LDAP

2018.06.06 15:42:42 INFO  web[][o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=DC=company,DC=corp, request=(&(objectCategory=Person)(sAMAccountName=*)), realNameAttribute=cn, emailAttribute=mail}

2018.06.06 15:42:42 ERROR web[][o.s.s.p.Platform] Background initialization failed. Stopping SonarQube

java.lang.NullPointerException: null

        at org.sonar.plugins.ldap.LdapGroupMapping.<init>(LdapGroupMapping.java:70)

        at org.sonar.plugins.ldap.LdapSettingsManager.getGroupMappings(LdapSettingsManager.java:118)

        at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:58)

        at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84)

        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)

        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)

        at java.lang.reflect.Method.invoke(Method.java:498)

        at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110)

        at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89)

        at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)

        at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)

        at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)

        at org.picocontainer.behaviors.Stored.start(Stored.java:110)

        at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)

        at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)

        at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)

        at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:134)

        at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:90)

        at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:584)

        at org.sonar.server.platform.Platform.start(Platform.java:211)

        at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:185)

        at org.sonar.server.platform.Platform.access$500(Platform.java:46)

        at org.sonar.server.platform.Platform$1.lambda$doRun$0(Platform.java:119)

        at org.sonar.server.platform.Platform$AutoStarterRunnable.runIfNotAborted(Platform.java:371)

        at org.sonar.server.platform.Platform$1.doRun(Platform.java:119)

        at org.sonar.server.platform.Platform$AutoStarterRunnable.run(Platform.java:355)

        at java.lang.Thread.run(Thread.java:745)

2018.06.06 15:42:42 INFO  web[][o.s.p.StopWatcher] Stopping process

[dchri...@gmail.com]

Here is what my settings are that work:

I would start here, get it working, then start refinement to get it exactly the way you need it. I have found that this is the base minimum to get it working with AD LDAP.

Hope this helps!

sonar.security.realm=LDAP
ldap.url=ldaps://ldaps.my.company.com/
ldap.bindDn=_sonarldap@my.company.com
ldap.bindPassword=p@$sW0rD

# User Configuration
ldap.user.baseDn=DC=my,DC=CompanyNet,DC=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))

ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail

# Group Configuration

ldap.group.baseDn=OU=Groups,DC=my,DC=CompanyNet,DC=com
ldap.group.request=(&(objectClass=group)(member={dn}))

[mrc...@gmail.com]

Hi,

I notice that you have the same problems as I did, I however cannot seem to get any LDAP messages in my web.log even in Debug mode.

Am I looking at the correct log?

I don't seem to see any messages from Security realm

Have you resolved your issue with Sonarqube and active directory connection?

[vijay...@gmail.com]

Hi,

Yes, even I have the same problem. You are looking at the right log which is web.log. first, add only general configuration and restart the service. you should see some logs about LDAP.

# General Configuration

sonar.security.realm=LDAP

ldap.url=ldap://myserver.mycompany.com

ldap.bindDn=my_bind_dn

ldap.bindPassword=my_bind_password

I haven't resolved this issue yet.

[vijay...@gmail.com]

Hi,

I added the below properties as you suggested, but I don't see the users & groups on UI after I restart the service. 

Am I missing anything?

# ACTIVE DIRECTORY

sonar.security.realm=LDAP

ldap.url=ldap://ad1-corp:389

ldap.bindDN=CN=svc-sonarqube,OU=Service Accounts,OU=Admin,DC=ad1,DC=corp

ldap.bindPassword=**********

# User Configuration

ldap.user.baseDn DC=ad1,DC=corp

ldap.user.request=(&(objectCategory=Person)(sAMAccountName={login}))

ldap.user.realNameAttribute=cn

ldap.user.emailAttribute=mail

# Group Configuration

ldap.group.baseDn OU=IT,OU=File Share Groups,OU=company,DC=ad1,DC=corp

ldap.group.request=(&(objectClass=group)(member={dn}))

In the logs, I see no issue -

2018.06.08 12:12:35 INFO  web[][org.sonar.INFO] Security realm: LDAP

2018.06.08 12:12:35 INFO  web[][o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=DC=ad1,DC=corp, request=(&(objectCategory=Person)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}

2018.06.08 12:12:35 INFO  web[][o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=OU=IT,OU=File Share Groups,OU=company,DC=ad1,DC=corp, idAttribute=cn, requiredUserAttributes=[dn], request=(&(objectClass=group)(member={0}))}

2018.06.08 12:12:35 INFO  web[][o.s.p.l.LdapContextFactory] Test LDAP connection on ldap://ad1-corp:389: OK

2018.06.08 12:12:35 INFO  web[][org.sonar.INFO] Security realm started

2018.06.08 12:12:35 INFO  web[][o.s.s.t.TelemetryDaemon] Sharing of SonarQube statistics is enabled.