A vexing problem with LDAP - Mailing list pgsql-novice

Hello,

    we have been struggling with this problem for a while now and I would be extremely grateful for your kind help.

We have an USERID ( VALID-USER)  who exists in the LDAP Group G_APP_Postgres_Users. 

I can see his entry when I execute the command  Get-ADGroupMember "G_APP_Postgres_Users" | more

PS H:\>

I can also see his details  as shown below.

PS H:\> Get-ADUser -LDAPFilter "(&(objectClass=user)(sAMAccountName=VALID-USER)(memberOf=CN=G_APP_Postgres_Users,OU=Anwendungen,OU=Gruppen,OU=Identity,DC=my-Konzern,DC=de))"

DistinguishedName : CN=VALID-USER,OU=Konten,OU=EWT,OU=PostgreSQL,OU=Ressourcen,DC=my-Konzern,DC=de

Enabled           : True

GivenName         : REWT-PostgreSQL

Name              : VALID-USER

ObjectClass       : user

ObjectGUID        : 5a45f8e9-f13b-4ff2-9815-ec85bd0aeb7c

SamAccountName    : VALID-USER

SID               : S-1-5-21-4249930229-1474557206-4077294858-125360

Surname           : Rochade-Konfig

UserPrincipalName : VALID-USER@my-konzern.de

However when he tries to connect to postgres we see this error message.

Postgres-Log

LOG:  LDAP user "VALID-USER" does not exist

FATAL:  LDAP authentication failed for user "VALID-USER"

PG_HBA.CONF entry is shown below.

pg_hba.conf

host   all             all              0.0.0.0/0             ldap ldapserver=ldap.my-konzern.de ldapport=389 ldapbinddn="CN=Postgres-LDAP,OU=Konten,OU=PROD,OU=PostgreSQL,OU=Ressourcen,DC=my-konzern,DC=de" ldapbindpasswd="dF3@3#s$P1" ldapbasedn="OU=Postgres,OU=Ressourcen,DC=my-konzern,DC=de" ldapscheme=ldap ldapsearchfilter="(&(objectClass=user)( sAMAccountName=%u)(memberOf=CN=G_APP_Postgres_Users,OU=Anwendungen,OU=Gruppen,OU=Identity,DC=my-konzern,DC=de))"

What could be the source of this error? 

How to debug this problem step by step to see where exactly the chain is disconnected?

Thank you for your time in advance.

LG

Ram