From: | Scott Whitney <scott(at)journyx(dot)com> |
---|---|
To: | "Tang, Ronald K CIV FNMOC, N6" <ronald(dot)k(dot)tang(at)navy(dot)mil>, Jeffrey Shaw <shawjef3(at)gmail(dot)com> |
Cc: | "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: Postgres user authentication with secure LDAP |
Date: | 2017-08-10 22:00:57 |
Message-ID: | CY4PR11MB1575CC5C19BBBF922280132DA7880@CY4PR11MB1575.namprd11.prod.outlook.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Well, first off, you're on the wrong port for LDAPS://
________________________________
From: pgsql-admin-owner(at)postgresql(dot)org <pgsql-admin-owner(at)postgresql(dot)org> on behalf of Jeffrey Shaw <shawjef3(at)gmail(dot)com>
Sent: Thursday, August 10, 2017 4:57:51 PM
To: Tang, Ronald K CIV FNMOC, N6
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: [ADMIN] Postgres user authentication with secure LDAP
Hi Ron,
What OS is your server running, and what OS is your client running?
I found that it was only possible to get clients from a Windows machine to authenticate via ldap against a server that was also running Windows. Hopefully someone else has more experience here than me.
On Thu, Aug 10, 2017 at 5:02 PM, Tang, Ronald K CIV FNMOC, N6 <ronald(dot)k(dot)tang(at)navy(dot)mil<mailto:ronald(dot)k(dot)tang(at)navy(dot)mil>> wrote:
Hi,
I am trying to configure my Postgres server to use LDAP for authentication. My pg_hba.conf config line is:
ldap ldapserver=ldaps://myldaps.company.com<http://myldaps.company.com> ldapport=636 ldaptls=1 ldapprefix="uid=" ldapsuffix=",ou=People,o=my.company.com<http://my.company.com>"
I queried the LDAP server successfully with the 'ldapsearch' tool with the same DN. However, I cannot get it to work successfully on Postgres. I have ssl=on and all server and CA certs installed.
Postgres version 9.5.6.
Error log:
could not initialize LDAP: No such file or directory
LDAP authentication failed for user "user1"
auth_failed, auth.c:288
---------------------------------------
Thanks for any helps.
Ron
--
Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org<mailto:pgsql-admin(at)postgresql(dot)org>)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin
Journyx, Inc.
7600 Burnet Road #300
Austin, TX 78757
www.journyx.com
p 512.834.8888
f 512-834-8858
Do you receive our promotional emails? Click here <http://journyx.com/communication-preferences> or visit http://journyx.com/communication-preferences to unsubscribe.
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2017-08-11 01:53:36 | Re: Postgres user authentication with secure LDAP |
Previous Message | Jeffrey Shaw | 2017-08-10 21:57:51 | Re: Postgres user authentication with secure LDAP |