We are trying to configure the LDAP 2.0 plugin for SonarQube 5.6 to be able to authenticate users in our AD domain. In the sonar.log we get the following feedback:
2016.09.12 10:55:16 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin C# / 5.3.1 / 6d9c99cb816b5d82ee23b51dbb05f9ee37a3bf2d 2016.09.12 10:55:16 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin JavaScript / 2.11 / a9b1afa9ceef7079811779d9efc5f8026acb1400 2016.09.12 10:55:16 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin LDAP / 2.0 / 2910f3981167a70a201ccfae01471dfd26c794b7 2016.09.12 10:55:16 INFO web[o.s.s.p.ServerPluginRepository] Deploy plugin Web / 2.4 / 61c14c00da36f77d18c019ad2bd7942708e99c13 2016.09.12 10:55:16 INFO web[o.s.d.c.MssqlCharsetHandler] Verify that database columns are case-sensitive and accent-sensitive 2016.09.12 10:55:16 INFO web[o.s.s.p.RailsAppsDeployer] Deploying Ruby on Rails applications 2016.09.12 10:55:16 INFO web[o.s.s.p.RailsAppsDeployer] Deploying app: ldap 2016.09.12 10:55:18 INFO web[o.s.s.p.UpdateCenterClient] Update center: http://update.sonarsource.org/update-center.properties (no proxy) 2016.09.12 10:55:18 INFO web[org.sonar.INFO] Security realm: LDAP 2016.09.12 10:55:18 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=ou=****,dc=****,dc=****, request=(&(objectClass=User)(sAMAccountName={0})), realNameAttribute=Displayname, emailAttribute=mail} 2016.09.12 10:55:18 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=****,dc=****,dc=****, idAttribute=cn, requiredUserAttributes=[dn], request=(&(objectClass=Group)(name={0}))} 2016.09.12 10:55:18 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection on ldap://****:389: OK 2016.09.12 10:55:18 INFO web[org.sonar.INFO] Security realm started
The security realm is started, but login attempts never succeed. In the sonar.log we receive the following error during a login attempt:
ERROR web[rails] Error from external users provider: exception Java::OrgSonarApiUtils::SonarException: Unable to retrieve details for user **** in
We've added the following configuration in sonar.properties:
# LDAP configuration
# General Configuration
sonar.security.realm=LDAP
ldap.url: ldap://****:389
sonar.forceAuthentication=true
ldap.windows.compatibilityMode = true
# User Configuration
ldap.user.baseDn=ou=***,dc=***,dc=***
ldap.user.request=(&(objectClass=User)(sAMAccountName={login}))
ldap.user.realNameAttribute=Displayname
ldap.user.emailAttribute=mail
# Group Configuration
ldap.group.baseDn=ou=***,dc=***,dc=***
ldap.group.request=(&(objectClass=Group)(name={dn}))
In the adminstration we are also unable to find users. We've tested the request query (&(objectClass=User)(sAMAccountName={login})) using another tool and it works fine. We are wondering how we should authorize the users. Should they be available in the users page (in administration/security)?