From: | Erik Wienhold <ewie(at)ewie(dot)name> |
---|---|
To: | Rakesh Nashine <nashine(dot)rakesh(at)gmail(dot)com>, pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Re: Role Does Not exist post server reboot |
Date: | 2023-02-01 15:46:30 |
Message-ID: | 1571039881.130005.1675266390908@office.mailbox.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
> On 01/02/2023 15:38 CET Rakesh Nashine <nashine(dot)rakesh(at)gmail(dot)com> wrote:
>
> Hi ,I have found that post server reboot , one of the user/role is missing
> from the postgres database . Need some assistance like how it is possible.
> If the server gets rebooted then how come the role is missing ?
What happened prior to the reboot? Changes to Postgres configs or the database?
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [00000] LOG: LDAP login failed for user "CN=EPIEMXB,OU=MFUSERS,OU=ELASUserAccounts,DC=elas,DC=local" on server "elwacpa1.abc.local": Invalid credentials
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [00000] DETAIL: LDAP diagnostics: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [28000] FATAL: LDAP authentication failed for user "epiemxb"
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [28000] DETAIL: Connection matched pg_hba.conf line 100: "host all all 0.0.0.0/0 (http://0.0.0.0/0) ldap ldapserver=elwacpa1.abc.local ldapbasedn="OU=UserAccounts,DC=es,DC=local" ldapbinddn="CN=mfadmin,OU=MFUSERS,OU=ELASUserAccounts,DC=elas,DC=local" ldapbindpasswd=" ldapsearchattribute=sAMAccountName ldaptls=1"
The value of ldapbindpasswd appears to be wrong:
ldapbindpasswd=" ldapsearchattribute=sAMAccountName ldaptls=1"
There's the opening double quote but it's not closed until after ldaptls=1.
This means that " ldapsearchattribute=sAMAccountName ldaptls=1" is used as
password for the search+bind authentication.
> 2023-01-30 13:26:24.302 GMT epiemxb(at)postgres [14569] 10.94.234.138(61400) [28000] FATAL: role "epiemxb" does not exist
> 2023-01-30 13:26:32.050 GMT epiemxb(at)postgres [14573] 10.94.234.138(61410) [28000] FATAL: role "epiemxb" does not exist
> 2023-01-30 13:29:22.400 GMT epiemxb(at)postgres [15263] 10.94.234.138(61513) [28000] FATAL: role "epiemxb" does not exist
This error may stem from the failed ldap authentication. Have you verified that
the role exists in the database?
--
Erik
From | Date | Subject | |
---|---|---|---|
Next Message | Rakesh Nashine | 2023-02-01 16:05:12 | Re: Role Does Not exist post server reboot |
Previous Message | Norbert Poellmann | 2023-02-01 15:35:15 | Re: Failover / repmgr questions |