| From: | Jeffrey Shaw <shawjef3(at)gmail(dot)com> |
|---|---|
| To: | pgsql-admin(at)postgresql(dot)org |
| Subject: | psql on Linux vs Windows, major GSS differences |
| Date: | 2014-08-29 13:54:27 |
| Message-ID: | CAJYh90_JxLNZMu8=mP38O=hB2hZdBLcmmL_feGhYaRHvs4gqOw@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-admin |
Hello all,
I'm attempting to get Windows domain users to be able to connect to a
PostgreSQL server running on CentOS 7. Linux clients authenticated to the
domain are able to connect, whereas Windows clients are not.
I've been looking at Wireshark packet captures, and there's a big
difference between Linux and Windows psql. After sending a message to the
server containing key-value pairs containing the user name and other
information such as encoding, psql on Linux sends a packet that wireshark
shows as ">p", and it contains a kerberos password. psql on Windows does
not send that message.
The error the Windows client prints is
psql: SSPI continuation error: The specified target is unknown or
unreachable
(80090303)
Another difference is that psql on Windows sends the user name without the
domain appended, for example "jeff.shaw" instead of "jeff(dot)shaw(at)domain(dot)com".
The psql on Linux does append the domain name.
I've verified that both the client and server have valid dns and reverse
dns entries.
I'm using the binaries from enterprisedb for PostgreSQL 9.4 beta 2 on both
the client and server. I'm wondering if the problem is that the Windows
version is not compiled with GSS support. pg_config reports that the Linux
build is configured --with-gssapi, whereas that does not appear in the
Windows version.
Jeff
| From | Date | Subject | |
|---|---|---|---|
| Next Message | lalit jangra | 2014-08-30 17:12:31 | Getting invalid page header in block while vacuuming PostgreSQL DB. |
| Previous Message | Albe Laurenz | 2014-08-29 09:54:35 | Re: invalid byte sequence for encoding "UTF8": 0x00 |