Re: pgSql authentication problem with openLdap

From: Scott Mead <scott(dot)lists(at)enterprisedb(dot)com>
To: sandiphw <sandiphw(at)hotmail(dot)com>
Cc: pgsql-general(at)postgresql(dot)org
Subject: Re: pgSql authentication problem with openLdap
Date: 2009-04-14 18:37:23
Message-ID: d3ab2ec80904141137j13472c5m9a4226d4661e0fe0@mail.gmail.com
Lists: pgsql-general

On Tue, Apr 14, 2009 at 8:28 AM, sandiphw <sandiphw(at)hotmail(dot)com> wrote:

>
> I have tried all possible variation of syntax I can imagine, like
>
> host all all 202.18.10.0/24
> ldap://202.18.10.1:389/dc=abc,dc=net;;ou=people
> host all all 202.18.10.0/24 ldap
> ldap://202.18.10.1:389/dc=abc,dc=net;;ou=people
> host all all 202.18.10.0/24
> "ldap://202.18.10.1:389/dc=abc,dc=net;;ou=people"
> host all all 202.18.10.0/24
> ldap://202.18.10.1:389/dc=abc,dc=net;cn=;,dc=holtecnet,dc=com

host all all <blah> ldap "ldap://server:389/ou=People,dc=example,dc=com;uid=;,ou=People,dc=example,dc=com"

It's very important to have the:

...;uid=;,ou=People,dc=example,dc=com

Postgres is not automatically prepending the attribute name and it's not
appending the basedn. Also note... the comma before the basedn. If you
don't have that there, it won't work.

After that, log in to the database as superuser and type:

create user <usernamefromldap>

You can't log in to pg via ldap unless you have created the user in the db
first.

If that doesn't work, check your ldap server logs. Also, is this really
openLDAP or AD? I've seen wackiness with AD even though openLdap was
working with the same basic schema.

--Scott
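
The following is an added example, not part of the original message and not PostgreSQL's own parser. It models the option string from the thread as `ldap://host:port/basedn;prefix;suffix` and assumes, as the message describes, that the bind name is prefix + username + suffix with nothing added automatically; the username `alice` and the function names are constructed for illustration.

```python
import re

# Old-style pg_hba.conf LDAP option, in the form used in the thread:
#   ldap[s]://host[:port]/basedn[;prefix[;suffix]]
OPTION_RE = re.compile(r'^(ldaps?)://([^/:]+)(?::(\d+))?/(.*)$')


def parse_option(option):
    """Split the option string into its fields (a model, not PostgreSQL's parser)."""
    m = OPTION_RE.match(option.strip().strip('"'))
    if not m:
        raise ValueError("not an ldap:// option: %r" % option)
    scheme, host, port, rest = m.groups()
    fields = rest.split(";")
    if len(fields) > 3:
        raise ValueError("too many ';' separated fields: %r" % option)
    basedn, prefix, suffix = (fields + ["", ""])[:3]
    return {"scheme": scheme, "host": host,
            "port": int(port) if port else None,
            "basedn": basedn, "prefix": prefix, "suffix": suffix}


def bind_dn(option, username):
    """Bind name under the assumption: prefix + username + suffix, verbatim."""
    f = parse_option(option)
    return f["prefix"] + username + f["suffix"]


def lint(option):
    """Return the problems the message warns about, if present."""
    f = parse_option(option)
    problems = []
    if not f["prefix"].endswith("="):
        problems.append("prefix does not end in 'attr=' (e.g. 'uid=')")
    if not f["suffix"].startswith(","):
        problems.append("suffix does not start with ',' before the base DN")
    return problems


# Option strings quoted from the thread; "alice" is a constructed username.
WORKING = ('"ldap://server:389/ou=People,dc=example,dc=com;'
           'uid=;,ou=People,dc=example,dc=com"')
BROKEN = 'ldap://202.18.10.1:389/dc=abc,dc=net;;ou=people'

if __name__ == "__main__":
    for opt in (WORKING, BROKEN):
        print(bind_dn(opt, "alice"), lint(opt))
```
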
