Quick Links

Re: Postgres user authentication with secure LDAP

From:	Scott Whitney <scott(at)journyx(dot)com>
To:	"Tang, Ronald K CIV FNMOC, N6" <ronald(dot)k(dot)tang(at)navy(dot)mil>, Jeffrey Shaw <shawjef3(at)gmail(dot)com>
Cc:	"pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject:	Re: Postgres user authentication with secure LDAP
Date:	2017-08-10 22:00:57
Message-ID:	CY4PR11MB1575CC5C19BBBF922280132DA7880@CY4PR11MB1575.namprd11.prod.outlook.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-admin

Well, first off, you're on the wrong port for LDAPS://
________________________________
From: pgsql-admin-owner(at)postgresql(dot)org <pgsql-admin-owner(at)postgresql(dot)org> on behalf of Jeffrey Shaw <shawjef3(at)gmail(dot)com>
Sent: Thursday, August 10, 2017 4:57:51 PM
To: Tang, Ronald K CIV FNMOC, N6
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: [ADMIN] Postgres user authentication with secure LDAP

Hi Ron,
What OS is your server running, and what OS is your client running?

I found that it was only possible to get clients from a Windows machine to authenticate via ldap against a server that was also running Windows. Hopefully someone else has more experience here than me.

On Thu, Aug 10, 2017 at 5:02 PM, Tang, Ronald K CIV FNMOC, N6 <ronald(dot)k(dot)tang(at)navy(dot)mil<mailto:ronald(dot)k(dot)tang(at)navy(dot)mil>> wrote:
Hi,

I am trying to configure my Postgres server to use LDAP for authentication. My pg_hba.conf config line is:

ldap ldapserver=ldaps://myldaps.company.com<http://myldaps.company.com> ldapport=636 ldaptls=1 ldapprefix="uid=" ldapsuffix=",ou=People,o=my.company.com<http://my.company.com>"

I queried the LDAP server successfully with the 'ldapsearch' tool with the same DN. However, I cannot get it to work successfully on Postgres. I have ssl=on and all server and CA certs installed.

Postgres version 9.5.6.

Error log:

could not initialize LDAP: No such file or directory
LDAP authentication failed for user "user1"
auth_failed, auth.c:288

---------------------------------------
Thanks for any helps.
Ron

--
Sent via pgsql-admin mailing list (pgsql-admin(at)postgresql(dot)org<mailto:pgsql-admin(at)postgresql(dot)org>)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-admin

Journyx, Inc.
7600 Burnet Road #300
Austin, TX 78757
www.journyx.com

p 512.834.8888
f 512-834-8858

Do you receive our promotional emails? Click here <http://journyx.com/communication-preferences> or visit http://journyx.com/communication-preferences to unsubscribe.

In response to

Re: Postgres user authentication with secure LDAP at 2017-08-10 21:57:51 from Jeffrey Shaw

Browse pgsql-admin by date

	From	Date	Subject
Next Message	Stephen Frost	2017-08-11 01:53:36	Re: Postgres user authentication with secure LDAP
Previous Message	Jeffrey Shaw	2017-08-10 21:57:51	Re: Postgres user authentication with secure LDAP