Andreas Schmid wrote:
> I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication (simple bind mode).
> While this basically works, it has the strange effect that the first login with psql
> takes around 5 seconds. When I reconnect within 60 seconds, the login completes immediately.
>
> The LDAP server is behind a firewall. So for a test, in pg_hba.conf I put the LDAP servers
> IP address instead of its DNS name (for parameter ldapserver). Like that, all logins
> complete immediately. But in general I prefer specifying the DNS name rather than the IP.
>
> When I checked on the DB machine with the following commands
> host my.ldap.server.org
> dig my.ldap.server.org
> both always returned the host name and IP address of the LDAP server immediately.
>
> Does anyone of you have an explanation for this, or a hint, where I could do some further
> investigation?
I would run a network trace with timestamps to see where the time is spent.
Yours,
Laurenz Albe
--
Cybertec | https://www.cybertec-postgresql.com
