Quick Links

Re: Role Does Not exist post server reboot

From:	Erik Wienhold <ewie(at)ewie(dot)name>
To:	Rakesh Nashine <nashine(dot)rakesh(at)gmail(dot)com>, pgsql-admin(at)lists(dot)postgresql(dot)org
Subject:	Re: Role Does Not exist post server reboot
Date:	2023-02-01 15:46:30
Message-ID:	1571039881.130005.1675266390908@office.mailbox.org
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-admin

> On 01/02/2023 15:38 CET Rakesh Nashine <nashine(dot)rakesh(at)gmail(dot)com> wrote:
>
> Hi ,I have found that post server reboot , one of the user/role is missing
> from the postgres database . Need some assistance like how it is possible.
> If the server gets rebooted then how come the role is missing ?

What happened prior to the reboot? Changes to Postgres configs or the database?

> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [00000] LOG: LDAP login failed for user "CN=EPIEMXB,OU=MFUSERS,OU=ELASUserAccounts,DC=elas,DC=local" on server "elwacpa1.abc.local": Invalid credentials
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [00000] DETAIL: LDAP diagnostics: 80090308: LdapErr: DSID-0C090447, comment: AcceptSecurityContext error, data 52e, v3839
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [28000] FATAL: LDAP authentication failed for user "epiemxb"
> 2023-01-30 13:26:18.995 GMT epiemxb(at)postgres [14541] 10.94.234.138(61392) [28000] DETAIL: Connection matched pg_hba.conf line 100: "host all all 0.0.0.0/0 (http://0.0.0.0/0) ldap ldapserver=elwacpa1.abc.local ldapbasedn="OU=UserAccounts,DC=es,DC=local" ldapbinddn="CN=mfadmin,OU=MFUSERS,OU=ELASUserAccounts,DC=elas,DC=local" ldapbindpasswd=" ldapsearchattribute=sAMAccountName ldaptls=1"

The value of ldapbindpasswd appears to be wrong:

ldapbindpasswd=" ldapsearchattribute=sAMAccountName ldaptls=1"

There's the opening double quote but it's not closed until after ldaptls=1.
This means that " ldapsearchattribute=sAMAccountName ldaptls=1" is used as
password for the search+bind authentication.

> 2023-01-30 13:26:24.302 GMT epiemxb(at)postgres [14569] 10.94.234.138(61400) [28000] FATAL: role "epiemxb" does not exist
> 2023-01-30 13:26:32.050 GMT epiemxb(at)postgres [14573] 10.94.234.138(61410) [28000] FATAL: role "epiemxb" does not exist
> 2023-01-30 13:29:22.400 GMT epiemxb(at)postgres [15263] 10.94.234.138(61513) [28000] FATAL: role "epiemxb" does not exist

This error may stem from the failed ldap authentication. Have you verified that
the role exists in the database?

--
Erik

In response to

Role Does Not exist post server reboot at 2023-02-01 14:38:37 from Rakesh Nashine

Responses

Re: Role Does Not exist post server reboot at 2023-02-01 16:05:12 from Rakesh Nashine

Browse pgsql-admin by date

	From	Date	Subject
Next Message	Rakesh Nashine	2023-02-01 16:05:12	Re: Role Does Not exist post server reboot
Previous Message	Norbert Poellmann	2023-02-01 15:35:15	Re: Failover / repmgr questions