Postgres Pro
Downloads
Home   >   mailing lists

Re: PostgreSQL and OpenLdap - Mailing list pgsql-general

From Cristiano Panvel
Subject Re: PostgreSQL and OpenLdap
Date
Msg-id 8e8b996b0702121541w2ad1d0bblb40d9af8f845e9cd@mail.gmail.com
Whole thread Raw
In response to Re: PostgreSQL and OpenLdap  (Magnus Hagander <magnus@hagander.net>)
Responses Re: PostgreSQL and OpenLdap  (Magnus Hagander <magnus@hagander.net>)
List pgsql-general
Tree view 
Thanks Magnus,

Now I am passing the line thus pg_hba.conf

##
host    all         all         10.193.4.0/24          ldap
ldap://ldap.cb.sc.gov.br/dc=cb,dc=sc,dc=gov,dc=br
##

However error in login is occurring

% psql postgresql -h server -U scott -W
psql: FATAL:  LDAP authentication failed for user "scott"

I must pass plus some thing.

My base Ldap:
dc=cb,dc=sc,dc=gov,dc=br

The Bind:
ou=Users

Cris.

On 2/12/07, Magnus Hagander <magnus@hagander.net> wrote:
> On Sun, Feb 11, 2007 at 08:54:56PM -0200, Cristiano Panvel wrote:
> > Hi Friends,
> >
> > This is my first post in the list.
> >
> > I am not obtaining authentication my users of PostgreSQL in OpenLdap.
> >
> > 1) PostgreSQL was compiled with the support to ldap in a FreeBSD System.
> > "option --with-ldap for configure".
> >
> > 2) The user also exists in the base of the OpenLdap
> >
> > 3) Already I also added the line of configuration in "pg_hba.conf" and
> > in the "pg_service.conf"
> >
> > $ tail /etc/pg_service.conf
> > ldap://ldap.cb.sc.gov.br/dc=cb,dc=sc,dc=gov,dc=br
>
> This is not for LDAP authentication, it's for service lookup only. If
> you just want LADP auth, you can get rid of it. If you want both, I'd
> suggest doing one thing at a time - get rid of it for now until auth
> works, then put it back in later.
>
> > $ cat /usr/local/pgsql/data/pg_hba.conf
> >
> > local   all         all                               trust
> >
> > host    all         all         10.193.4.0/24   md5
> >
> > ldap://ldap.cb.sc.gov.br/dc=cb,dc=sc,dc=gov,dc=br
>
> I assume this is all on one line. In which case it's incorrect - you
> can't have both md5 and ldap on teh same line. It should be:
> host all all 10.193.4.0/24 ldap ldap://....
>
>
> > 4) To create the usuary I make thus
> >
> > # su - pgsql
> > % createuser scott
> >
> > After the made configurations, I try to effect login and is error of
> > password.
> >
> > remote# psql postgresql -h server -U scott -W
> > psql: FATAL:  password authentication failed for user "scott"
> >
>
> What you really need to look at here is the server logs, not the client
> output. It should tell you what it's trying to do (in your case, it
> would indicate that it's not trying to do LDAP) and how its' failing.
>
> //Magnus
>

pgsql-general by date:

Previous
From: Joseph Shraibman
Date:
Subject: Re: daylight savings patches needed?
Next
From: "Adam Rich"
Date:
Subject: Re: Function to return list of all prime numbers in range