| From: | Khushboo Vashi <khushboo(dot)vashi(at)enterprisedb(dot)com> |
|---|---|
| To: | Hendrik Hansmeier <hendrik(dot)hansmeier(at)hh-it(dot)co> |
| Cc: | "pgadmin-support lists(dot)postgresql(dot)org" <pgadmin-support(at)lists(dot)postgresql(dot)org> |
| Subject: | Re: pgadmin4 container deployment with ldap-authentication |
| Date: | 2020-08-11 04:09:33 |
| Message-ID: | CAFOhELdoix4=H_yGxhUb4J1AWKVQ_TkmpGxzKXuMX9Zj3voTJw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support |
Hi,
On Tue, Aug 11, 2020 at 4:35 AM Hendrik Hansmeier <
hendrik(dot)hansmeier(at)hh-it(dot)co> wrote:
> Hi,
>
> i am trying to get pgadmin4 running in server-mode as a docker-container.
> So i pulled the image and after i tried out the image a little bit, i tried
> to use ldap-authentication.
>
> Unfortunately, i didn't get it running as expected. I am not able to
> authenticate against my samba 4-domain. This is how i tried to launch the
> container:
>
> docker run -p 8280:80
> -e "PGADMIN_DEFAULT_EMAIL=<emailAddress>"
> -e "PGADMIN_DEFAULT_PASSWORD=<password>"
> -e "AUTHENTICATION_SOURCES=['ldap']"
> -e "LDAP_AUTO_CREATE_USER=True"
> -e "LDAP_SERVER_URI='ldaps://<domaincontroller>:636'"
> -e "LDAP_BASE_DN='cn=Users,dc=mydomain,dc=local'"
> -e "LDAP_BIND_USER='cn=User1,cn=Users,dc=mydomain,dc=local'"
> -e "LDAP_BIND_PASSWORD=<BindDNPassword>"
> -e "LDAP_CA_CERT_FILE='/etc/ssl/certs/myca.pem'"
> -e "LDAP_CERT_FILE='/etc/ssl/certs/my.cert.pem'"
> -e "LDAP_KEY_FILE='/etc/ssl/private/my.key.pem'"
> -d dpage/pgadmin4
>
> I am using the container behind a reverse-proxy on nginx (debian buster),
> for the first try via http. The authentication with the given user
> PGADMIN_DEFAULT_EMAIL works as expected but ldap-authentication results in
> an error-message "Specified user does not exist".
>
> Am i using the environment-parameters for ldap-authentication correctly?
> May a reverse-proxy over https help to get ldaps working?
>
The variable prefix "*PGADMIN_CONFIG_"* should be used to override any of
the configuration options in pgAdmin’s *config.py* file. So add this prefix
to all the config params you have used. (Ex, AUTHENTICATION_SOURCES,
LDAP_SERVER_URI
etc...)
Ex: AUTHENTICATION_SOURCES should be PGADMIN_CONFIG_AUTHENTICATION_SOURCES
Please refer
https://www.pgadmin.org/docs/pgadmin4/4.24/container_deployment.html#environment-variables
for
more information.
Also, set LDAP_SEARCH_BASE_DN param which is required to configure LDAP
Authentication in Dedicated User mode (which you have configured).
Please refer
https://www.pgadmin.org/docs/pgadmin4/4.24/enabling_ldap_authentication.html
Thanks,
Khushboo
--
> Best regards,
>
> Hendrik Hansmeier
>
>
> Hendrik Hansmeier IT-Consulting ::: Bunsenstraße 5 ::: 51647 Gummersbach
> FON +49 (0) 2261 814 174 ::: MOB +49 (0) 151 235 866 02 ::: E-MAIL
> hendrik(dot)hansmeier(at)hh-it(dot)co
> USt-IdNr.: DE311717013 ::: Finanzamt Gummersbach
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | heiko.onnebrink | 2020-08-11 10:59:19 | Re: [EXT] Re: pgadmin4 container deployment with ldap-authentication |
| Previous Message | Hendrik Hansmeier | 2020-08-10 23:05:47 | pgadmin4 container deployment with ldap-authentication |