users sso failed ldap sonarqube

ldap - sso - sonarqube users



SonarQube 5.2, complemento LDAP 1.5: com4j.ComException (2)

El inicio de sesión de AD no es posible después de actualizar desde LDAP 1.4. En el registro TRACE, se registra el siguiente mensaje de error:

DEBUG web[o.s.p.l.w.WindowsUsersProvider] Requesting details for user: xxxxxx ERROR web[rails] Error from external users provider: exception Java::Com4j::ExecutionException: com4j.ComException: 8007203a Failed to MkParseDisplayName : The server is not operational. : ./com4j.cpp:217

La eliminación de la configuración de LDAP de sonar.properties no ayudó. Después de degradar a LDAP 1.4, todo vuelve a funcionar. ¿Perdimos alguna configuración de configuración?

Complemento LDAP 1.5.1 con solución para este problema ( LDAP-49 está disponible y se puede descargar desde el centro de actualizaciones de SonarQube.

Consulte la página de documentación del complemento LDAP de SonarQube :

LDAP 1.5.1 - 02.02.2015 - Compatible con SonarQube 5.2+ Corrección de errores para entornos de Active Directory

Please go through the new changes and try the below mentioned settings. LDAP 1.5 plugin is using Waffle to support Windows Authentication and SSO on Windows OS. LDAP in Windows auth mode supports two ways of login from browser: 1.Single sign On SSO will be performed on hitting any SonarQube url other than /sessions/login . Only domain users are supported through SSO. 2.Form based login from /sessions/login page Domain users Login: <domain/alias> or alias@domain or alias Password: <domain credentials> Technical users Login: <username> Password: <password> On logout, users will be presented login page ( /sessions/login), where he can choose to login as technical user or domain user by passing appropriate credentials. For those users who are already using previous version of LDAP plugin to connect to Microsoft AD and have already defined authorization in terms of those users and group name use following settings in Windows OS: # LDAP configuration sonar.security.realm=LDAP ldap.windows.compatibilityMode=true sonar.log.level=DEBUG (For debugging purpose, remove this if you don''t see any issue) ldap.windows.auth=true ----------------------------------------------------------------------- Default protocol is NTLM which should work for most of the scenarios. Troubleshooting NTLM ◦Enabling NTLM Logging http://goo.gl/3LhU6E If you want to use Kerberos "Negotiate" protocol please use the following steps. Negotiate Authentication Steps: For negotiate authentication to work make sure following steps are followed: 1.Browser Configuration Waffle link: Configuring Browsers (IE/Firefox) https://goo.gl/vcPnrk 2.Kerberos setup Make sure that user has privilege for Kerberos delegation setspn -L username To add preivileges to the current user run setspn -S HTTP/machine:port machine example: setspn -S HTTP/machine:9000 machine 3.The SonarQube application is running as a service(NT service) Troubleshooting Resources 1.Useful Kerberos troubleshooting resources ◦Enabling Kerberos Logging http://support.microsoft.com/kb/262177/en-us ◦Troubleshooting Kerberos Delegation http://www.microsoft.com/en-us/download/confirmation.aspx?id=4754