Good morning all,
I can’t seem to get LDAP Authentication working without an OU in the ldapbasedn. My users are spread across multiple OUs without a common root OU which is why I’m trying to authenticate with just the DC.
With pg_hba.conf like this, I can connect successfully from psql…
local all all ldap ldapserver=192.168.xxx.xxx ldapbasedn="OU=DB_Accounts,DC=acme,DC=local" ldapbinddn="CN=XXXX ,OU=DB_Accounts,DC=acme,DC=local" ldapsearchattribute=sAMAccountName ldapbindpasswd=xxxxxxxxxxxxxxx
But if I remove the OU from the ldapbasedn, like this …
local all all ldap ldapserver=192.168.xxx.xxx ldapbasedn="DC=acme,DC=local" ldapbinddn="CN=XXXX ,OU=DB_Accounts,DC=acme,DC=local" ldapsearchattribute=sAMAccountName ldapbindpasswd=xxxxxxxxxxxxxxx
Then I get:
psql: FATAL: LDAP authentication failed for user "xxxxxxxx"
select VERSION();
version
----------------------------------------------------------------------------------------------------------
PostgreSQL 9.6.2 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-11), 64-bit
psql --version
psql (PostgreSQL) 9.6.2
Kind Regards,
Greg
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and / or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any computer.