I am running Sonarqube 6.7.1.35068 on Windows Server 2016 with LDAP plugin 2.2. I have LDAP working, as new users are able to log into Sonarqube with their domain credentials and create an account, but my group filter is not working. I am trying to filter logins based on a specific AD security group membership, but unfortunately all users on the domain are able to login, as the group filtering is not working. The following is my LDAP configuration in the properties file:
#----- LDAP configuration
# General Configuration
sonar.security.realm=LDAP
sonar.authenticator.downcase=true
ldap.url=ldap://ldap.domain.com:3268
[email protected]
ldap.bindPassword=********
# User Configuration
ldap.user.baseDn=dc=ad,dc=domain,dc=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.user.emailAttribute=mail
# Group Configuration
ldap.group.baseDn=CN=Sonarqube,OU=Software Access,OU=Security Groups,OU=AD Groups,DC=ad,DC=domain,DC=com
ldap.group.request=(&(objectClass=group)(memberOf={dn}))
ldap.group.idAttribute=sAMAccountName
I have tried several different combinations for the ldap.group.baseDn and ldap.group.request values, but have not had any success with user filtering based on AD group membership. There unfortunately are no good specific detailed examples on how to configure these 2 values for Sonarqube. Anyone?