| From: | Stephan Fabel <sfabel(at)hawaii(dot)edu> |
|---|---|
| To: | Jürgen Fuchsberger <juergen(dot)fuchsberger(at)uni-graz(dot)at> |
| Cc: | Postgres List <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: LDAP authentication not working |
| Date: | 2014-05-14 06:35:47 |
| Message-ID: | CANJgB1kwRL2DYhvgPiXZh2+kOOD6kVZb3y6x3VU90WRD_NgZLQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
I don't think SSL support for LDAP is supported. Have you tried TLS on port
389?
On May 13, 2014 8:20 PM, "Jürgen Fuchsberger" <
juergen(dot)fuchsberger(at)uni-graz(dot)at> wrote:
> Hi,
>
> I'm running postgresql 9.1 on Debian and am trying to set up LDAP
> authentication using the following configuration in pg_hba.conf:
>
> hostssl testdb all 143.50.203.0/24 ldap ldapserver="
> wegc24.uni-graz.at"
> ldapport=636 ldapbinddn="cn=nss,dc=uni-graz,dc=at"
> ldapbindpasswd="<thepasswd>" ldapbasedn="dc=uni-graz,dc=at"
>
>
> Trying to access testdb via psql fails with the following error in the log:
> '''could not perform initial LDAP bind for ldapbinddn
> "cn=nss,dc=uni-graz,dc=at" on server "wegc24.uni-graz.at": error code
> -1'''
>
> Unfortunately I did not find what error code -1 means.
>
> Ldapsearch works fine:
> > ldapsearch -W -H ldaps://wegc24.uni-graz.at:636/ -D
> "CN=nss,DC=uni-graz,DC=at"
>
> Interesting is also, that postgres seems to not even reach the ldap
> server: If I change parameter ldapserver to a non-existing url it gives
> the same error code -1.
>
> Any help much appreciated!
>
> Best,
> Juergen
>
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | AI Rumman | 2014-05-14 07:06:13 | what should be the best autovacuum configuration for daily partition table |
| Previous Message | Jürgen Fuchsberger | 2014-05-14 06:17:05 | LDAP authentication not working |