Re: kerberos authentication error with Windows 2003 SP1 AD - Mailing list pgsql-general
From | Magnus Hagander |
---|---|
Subject | Re: kerberos authentication error with Windows 2003 SP1 AD |
Date | |
Msg-id | 6BCB9D8A16AC4241919521715F4D8BCEA35942@algol.sollentuna.se Whole thread Raw |
In response to | kerberos authentication error with Windows 2003 SP1 AD (koppelp@mir.wustl.edu) |
Responses |
Re: kerberos authentication error with Windows 2003 SP1 AD
(koppelp@mir.wustl.edu)
|
List | pgsql-general |
Hi! Wherever your pg_ctl command sets the logfiles, or syslog if you use syslog etc. (Note that you still need to define the user in PostgreSQL as well, but that shoudl give a different error message) //Magnus > -----Original Message----- > From: koppelp@mir.wustl.edu [mailto:koppelp@mir.wustl.edu] > Sent: den 17 november 2006 23:18 > To: Magnus Hagander > Subject: RE: [GENERAL] kerberos authentication error with > Windows 2003 SP1 AD > > HI Magnus- > > Thanks for your reply. Which error log in postgres should I > look at? Do I need to configure postgres to add more detailed > logging? Thanks again for your help. > > Please include my email address in your reply. > > -- pk > > Inactive hide details for "Magnus Hagander" > <mha@sollentuna.net>"Magnus Hagander" <mha@sollentuna.net> > > > > > "Magnus Hagander" <mha@sollentuna.net> > > 11/14/2006 10:22 AM > > > > To > > <koppelp@mir.wustl.edu>, <pgsql-general@postgresql.org> > > > cc > > > > > Subject > > RE: [GENERAL] kerberos authentication error with Windows 2003 SP1 AD > > > > My operating system is Red Hat Linux AS 4, Kerberos 5, with > > postgresql-7.4.14 that I compiled. I can authenticate using > ssh, su, > > console login, and also have gotten apache mod_auth_kerb to > work with > > AD - but I am missing something with postgresql. When I try: > > > > [pkoppe01@ipswich ~]$ /usr/local/pgsql/bin/psql -d test -h ipswich > > psql: Kerberos 5 authentication failed > > > > For the configure step, I did (needed the include statement > to prevent > > an error about comm_err.h): > > > > [koppel@ipswich postgresql-7.4.14]$ ./configure --with-java > > --with-krb5 --with-includes=/usr/include/et > > > > The make proceeded normally. > > > > My pg_hba.conf looks like this (with pkoppe01 defined in Active > > Directory but not defined in postgres using "createuser") > > > > local all all trust > > host test pkoppe01 192.168.1.0 255.255.255.0 krb5 > > > > Also have "tcpip_socket = true" and the postgres keytab > referenced in > > postgresql.conf and the keytab file itself owned by postgres. > > > > When I try the psql command above (as pkoppe01) I do get > the service > > ticket for postgres: > > > > [pkoppe01@ipswich ~]$ klist > > Ticket cache: FILE:/tmp/krb5cc_501_LCzZ1P Default principal: > > pkoppe01@PRIVATE.LAN > > > > Valid starting Expires Service principal > > 11/13/06 11:17:25 11/13/06 21:17:28 > > krbtgt/PRIVATE.LAN@PRIVATE.LAN renew until 11/14/06 11:17:25 > > 11/13/06 11:19:02 11/13/06 21:17:28 > > postgres/ipswich.private.lan@PRIVATE.LAN > > renew until 11/14/06 11:17:25 > > > > Any ideas would be greatly appreciated. Thanks in advance. > > Please feel free to email me directly as I just joined the list and > > don't know my way around yet. > > The server log from postgresql should give some more information. > > //Magnus > > >
pgsql-general by date: