I got these errors when trying to connect to LDAP via SonarQube:
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] Requesting details for user sonartester
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapSearch] Search: LdapSearch{baseDn=cn=Users,dc=mydomain,dc=com, scope=subtree, request=(&(objectClass=user)(sAMAccountName={0})), parameters=[sonartester], attributes=[mail, cn]}
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]
javax.naming.NamingException: [LDAP: error code 1 - 000004DC: LdapErr: DSID-0C090728, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, v2580]
....
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in
2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication
org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in
2016.09.13 09:35:16 DEBUG web[o.s.p.l.LdapUsersProvider] User sonartester not found in
2016.09.13 09:35:16 ERROR web[o.s.s.a.RealmAuthenticator] Error during authentication
org.sonar.api.utils.SonarException: Unable to retrieve details for user sonartester in
I've created the user SONARTEST, which is in the Users OU and is a member of my-group. The group is also in the Users OU. Here is my config:
sonar.security.realm=LDAP
sonar.authenticator.createUsers=true
ldap.url=ldap://myip:389
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.bindPassword.=somepassword
ldap.authentication=simple
ldap.realm=mydomain.com
ldap.user.baseDn=cn=Users,dc=mydomain,dc=com
ldap.user.request=(&(objectClass=user)(sAMAccountName={login}))
ldap.user.realNameAttribute=cn
ldap.group.baseDn=ou=Users,dc=mydomain,dc=com
ldap.group.request=(&(objectClass=my-group)(member={dn}))
ldap.group.idAttribute=sAMAccountName
The user used for the bind has all necessary rights, and is also found in the Users OU. I used the same user to connect to LDAP on Confluence and everything went fine. Grateful if someone could help me. Thanks
Thanks Nicolas for your reply
Removing the dots gives another error while restarting the service which is unable to start.
2016.09.13 15:46:00 INFO web[org.sonar.INFO] Security realm: LDAP
2016.09.13 15:46:00 INFO web[o.s.p.l.LdapSettingsManager] User mapping: LdapUserMapping{baseDn=cn=Users,dc=mydomain,dc=com, request=(&(objectClass=user)(sAMAccountName={0})), realNameAttribute=cn, emailAttribute=mail}
2016.09.13 15:46:01 INFO web[o.s.p.l.LdapSettingsManager] Group mapping: LdapGroupMapping{baseDn=ou=Users,dc=mydomain,dc=com, idAttribute=sAMAccountName, requiredUserAttributes=[dn], request=(&(objectClass=mygroup)(member={0}))}
2016.09.13 15:46:01 DEBUG web[o.s.p.l.LdapContextFactory] Initializing LDAP context {java.naming.provider.url=ldap://myip:389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory, java.naming.security.principal=cn=someusername,ou=Users,o=mydomain, com.sun.jndi.ldap.connect.pool=true, java.naming.security.authentication=simple, java.naming.security.sasl.realm=mydomain.com, java.naming.referral=follow}
2016.09.13 15:46:02 INFO web[o.s.p.l.LdapContextFactory] Test LDAP connection: FAIL
2016.09.13 15:46:02 ERROR web[o.a.c.c.C.[.[.[/]] Exception sending context initialized event to listener instance of class org.sonar.server.platform.PlatformServletContextListener
java.lang.IllegalStateException: Unable to open LDAP connection
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:146) ~[na:na]
at org.sonar.plugins.ldap.LdapRealm.init(LdapRealm.java:64) ~[na:na]
at org.sonar.server.user.SecurityRealmFactory.start(SecurityRealmFactory.java:84) ~[sonar-server-6.0.jar:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.8.0_91]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:1.8.0_91]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.8.0_91]
at java.lang.reflect.Method.invoke(Method.java:498) ~[na:1.8.0_91]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:320) ~[sonar-core-6.0.jar:na]
at org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132) ~[picocontainer-2.15.jar:na]
at org.picocontainer.behaviors.Stored.start(Stored.java:110) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009) ~[picocontainer-2.15.jar:na]
at org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767) ~[picocontainer-2.15.jar:na]
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:141) ~[sonar-core-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.platformlevel.PlatformLevel4.start(PlatformLevel4.java:687) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.start(Platform.java:216) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.startLevel34Containers(Platform.java:190) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:113) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.Platform.doStart(Platform.java:99) ~[sonar-server-6.0.jar:na]
at org.sonar.server.platform.PlatformServletContextListener.contextInitialized(PlatformServletContextListener.java:44) ~[sonar-server-6.0.jar:na]
at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4812) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5255) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:147) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1408) [tomcat-embed-core-8.0.32.jar:8.0.32]
at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1398) [tomcat-embed-core-8.0.32.jar:8.0.32]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [na:1.8.0_91]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [na:1.8.0_91]
at java.lang.Thread.run(Thread.java:745) [na:1.8.0_91]
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3081) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[na:1.8.0_91]
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[na:1.8.0_91]
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[na:1.8.0_91]
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[na:1.8.0_91]
at javax.naming.InitialContext.init(InitialContext.java:244) ~[na:1.8.0_91]
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[na:1.8.0_91]
at org.sonar.plugins.ldap.LdapContextFactory.createInitialDirContext(LdapContextFactory.java:95) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.createBindContext(LdapContextFactory.java:83) ~[na:na]
at org.sonar.plugins.ldap.LdapContextFactory.testConnection(LdapContextFactory.java:142) ~[na:na]
... 33 common frames omitted
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] One or more listeners failed to start. Full details will be found in the appropriate container log file
2016.09.13 15:46:02 ERROR web[o.a.c.c.StandardContext] Context [] startup failed due to previous errors
2016.09.13 15:46:02 WARN web[o.a.c.l.WebappClassLoaderBase] The web application [ROOT] appears to have started a thread named [Abandoned connection cleanup thread] but has failed to stop it. This is very likely to create a memory leak. Stack trace of thread:
java.lang.Object.wait(Native Method)
java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:143)
com.mysql.jdbc.AbandonedConnectionCleanupThread.run(AbandonedConnectionCleanupThread.java:43)
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Starting ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:02 INFO web[o.s.s.a.TomcatAccessLog] Web server is started
2016.09.13 15:46:02 INFO web[o.s.s.a.EmbeddedTomcat] HTTP connector enabled on port 9000
2016.09.13 15:46:02 WARN web[o.s.p.ProcessEntryPoint] Fail to start web
java.lang.IllegalStateException: Webapp did not start
at org.sonar.server.app.EmbeddedTomcat.isUp(EmbeddedTomcat.java:84) ~[sonar-server-6.0.jar:na]
at org.sonar.server.app.WebServer.isUp(WebServer.java:47) [sonar-server-6.0.jar:na]
at org.sonar.process.ProcessEntryPoint.launch(ProcessEntryPoint.java:105) ~[sonar-process-6.0.jar:na]
at org.sonar.server.app.WebServer.main(WebServer.java:68) [sonar-server-6.0.jar:na]
2016.09.13 15:46:02 INFO web[o.a.c.h.Http11NioProtocol] Pausing ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Stopping ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.a.c.h.Http11NioProtocol] Destroying ProtocolHandler ["http-nio-0.0.0.0-9000"]
2016.09.13 15:46:03 INFO web[o.s.s.a.TomcatAccessLog] Web server is stopped
2016.09.13 15:46:03 INFO app[o.s.p.m.Monitor] Process[es] is stopping
2016.09.13 15:46:04 INFO es[o.s.p.StopWatcher] Stopping process
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopping ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] stopped
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closing ...
2016.09.13 15:46:04 INFO es[o.elasticsearch.node] [sonar-1473767147543] closed
2016.09.13 15:46:04 INFO app[o.s.p.m.Monitor] Process[es] is stopped
<-- Wrapper Stopped
telnet to the IP and port 389 works
I've created a new user with a simpler password (no special characters). The error changed to the following:
Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580]
Changed the part
ldap.bindDn =cn=someusername,ou=Users,o=mydomain
to
ldap.bindDn [email protected]
and it worked.
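
The two Active Directory errors quoted in this thread can be decoded mechanically, and the config mistakes behind them can be linted before a restart. The following is an added example, not part of the original posts and not code from SonarQube's LDAP plugin; the function names, the DN-suffix heuristic and the sample config are assumptions modelled on the thread.

```python
import re

# Active Directory sub-codes carried in the "data" field of LDAP error 49.
AD_BIND_SUBCODES = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired", "533": "account disabled",
    "701": "account expired", "773": "user must reset password",
    "775": "account locked out",
}
LDAP_ERR = re.compile(r"LDAP: error code (\d+) - ([0-9A-Fa-f]{8}):.*?data ([0-9A-Fa-f]+)")

def explain_ldap_error(line):
    """Turn an AD LDAP error string from the SonarQube log into a cause."""
    m = LDAP_ERR.search(line)
    if not m:
        return None
    code, win32, data = m.group(1), m.group(2).upper(), m.group(3).lower()
    if code == "49":
        return "bind rejected: " + AD_BIND_SUBCODES.get(data, "sub-code " + data)
    if code == "1" and win32 == "000004DC":  # ERROR_NOT_AUTHENTICATED
        return "search sent without a successful bind"
    return "LDAP error " + code

def lint_ldap_properties(text):
    """Flag the config problems seen in this thread (heuristics, not plugin logic)."""
    findings, props = [], {}
    for n, raw in enumerate(text.splitlines(), 1):
        if "=" not in raw or raw.lstrip().startswith("#"):
            continue
        key, value = (part.strip() for part in raw.split("=", 1))
        if key.endswith("."):
            findings.append(f"line {n}: key '{key}' has a trailing dot, not the expected name")
        props[key] = value
    bind_dn, base_dn = props.get("ldap.bindDn", ""), props.get("ldap.user.baseDn", "")
    # Assumption: a DN-style bind account should live under the same dc= suffix.
    suffix = ",".join(p for p in base_dn.lower().split(",") if p.startswith("dc="))
    if "=" in bind_dn and suffix and not bind_dn.lower().endswith(suffix):
        findings.append(f"ldap.bindDn does not end with directory suffix '{suffix}'")
    if props.get("ldap.url", "").startswith("ldap://") and props.get("ldap.authentication") == "simple":
        findings.append("simple bind over ldap:// sends the bind password unencrypted")
    return findings

# Constructed sample modelled on the config posted in the thread.
BROKEN = """ldap.url=ldap://myip:389
ldap.bindDn.=cn=someusername,ou=Users,o=mydomain
ldap.authentication=simple
ldap.user.baseDn=cn=Users,dc=mydomain,dc=com"""
```

Run against the first config, the lint reports the trailing dot; once the dot is removed it reports the `o=mydomain` bind DN that does not sit under `dc=mydomain,dc=com`, which matches the progression from error code 1 to error code 49 (data 52e) in the logs above.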