Re: pgSql authentication problem with openLdap - Mailing list pgsql-general

From Scott Mead
Subject Re: pgSql authentication problem with openLdap
Msg-id d3ab2ec80904141137j13472c5m9a4226d4661e0fe0@mail.gmail.com
In response to Re: pgSql authentication problem with openLdap  (sandiphw <sandiphw@hotmail.com>)
List pgsql-general

On Tue, Apr 14, 2009 at 8:28 AM, sandiphw <sandiphw@hotmail.com> wrote:

I have tried all possible variations of syntax I can imagine, like
ldap://202.18.10.1:389/dc=abc,dc=net;cn=;,dc=holtecnet,dc=com

host all all <blah>  ldap "ldap://server:389/ou=People,dc=example,dc=com;uid=;,ou=People,dc=example,dc=com"


It's very important to have the:

  ...;uid=;,ou=People,dc=example,dc=com

  Postgres is not automatically prepending the attribute name and it's not appending the basedn.  Also note... the comma before the basedn.  If you don't have that there, it won't work.

After that, log in to the database as superuser and type:

  create user <usernamefromldap>

  You can't log in to pg via ldap unless you have created the user in the db first.

   If that doesn't work, check your ldap server logs.  Also, is this really openLDAP or AD? I've seen wackiness with AD even though openLdap was working with the same basic schema.

--Scott
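
The prefix and suffix handling described in the message above, as an added example that is not part of the original post or of PostgreSQL itself. It assumes the bind DN is simply prefix + username + suffix, as the message states; the host `server` and user `alice` are constructed sample values, and `parse_ldap_option`, `bind_dn` and `lint` are hypothetical helper names.

```python
import re

# Added illustration: models the bind DN as prefix + username + suffix, which
# is the behaviour the message describes. Host and user names are constructed.
LDAP_OPT = re.compile(r'^(ldaps?)://([^/:]+)(?::(\d+))?/(.*)$')

def parse_ldap_option(opt):
    """Split 'ldap://host[:port]/basedn[;prefix[;suffix]]' into its fields."""
    m = LDAP_OPT.match(opt.strip().strip('"'))
    if not m:
        raise ValueError("not an ldap:// or ldaps:// option: %r" % opt)
    scheme, host, port, rest = m.groups()
    fields = rest.split(";")
    if len(fields) > 3:
        raise ValueError("expected at most basedn;prefix;suffix")
    basedn, prefix, suffix = fields + [""] * (3 - len(fields))
    return {"scheme": scheme, "host": host,
            "port": int(port) if port else None,
            "basedn": basedn, "prefix": prefix, "suffix": suffix}

def bind_dn(opt, username):
    """DN the server would bind as: nothing is added beyond prefix and suffix."""
    o = parse_ldap_option(opt)
    return o["prefix"] + username + o["suffix"]

def lint(opt):
    """Return warnings for the mistakes called out in the message."""
    o = parse_ldap_option(opt)
    warnings = []
    if not o["prefix"].endswith("="):
        warnings.append("prefix must carry the attribute name, e.g. 'uid='")
    if not o["suffix"]:
        warnings.append("suffix is empty: the base DN is not appended for you")
    elif not o["suffix"].startswith(","):
        warnings.append("suffix needs a leading comma before the base DN")
    return warnings

if __name__ == "__main__":
    base = "ldap://server:389/ou=People,dc=example,dc=com"
    for opt in (base + ";uid=;,ou=People,dc=example,dc=com",   # form from the message
                base + ";uid=;ou=People,dc=example,dc=com",    # comma missing
                base):                                         # no prefix/suffix
        print(bind_dn(opt, "alice"), lint(opt))
```

Comparing the printed DN against the bind DN that appears in the LDAP server log shows quickly whether a failed login comes from the option string or from the directory.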
