Hi,
I'm not an AD expert myself, but I've read somewhere, that AD disallows simple binds without using ssl.
You could try enabling ssl on AD, or try the krb5 authentication method for pg.
Good Luck
Geza
I've setup LDAP on Postgresql 8.3.6 by adding the following line to pg_hba.conf. My Active Directory has a group called 'users group' which contains an entry for user pgtest.
host all pgtest xx.xxx.x.x/xx ldap "ldap://server.mydomain.com:389/basedn;cn=;,ou=users group,dc=mydomain,dc=com"
I have restarted the PG server but when I try to connect via psql from another host, I get the following error: -
2010-10-28 16:30:36 BST [1095]: [2-1] FATAL: LDAP authentication failed for user "pgtest"
2010-10-28 16:30:36 BST [1096]: [1-1] LOG: LDAP login failed for user "cn=pgtest,ou=users group,dc=mydomain,dc=com" on server "server.mydomain.com": error code 49
So it looks like the cn, ou and dc parameters are correct, but for some reason Openldap is returning error 49, which is a generic authentication failure message.
Can anyone suggest anything that I might be doing wrong? Could it be the line in pg_hba.conf that is wrong, or possibly the ldap package on the server (debian linux) not working
properly?
Any ideas much appreciated!
From: kierenscott@hotmail.com
To: pgsql-admin@postgresql.org
Subject: Using LDAP with postgresql 8.2
Date: Wed, 27 Oct 2010 17:57:32 +0000
.ExternalClass .ecxhmmessage P
{padding:0px;}
.ExternalClass body.ecxhmmessage
{font-size:10pt;font-family:Tahoma;}
Hi,
I'm looking to implement LDAP authentication againt Active Directory for my
Postgresql databases. What's people experiences of using LDAP for authenticating logins with AD?
Is it easy to setup and is there anything to watch out for e.g. does Postgresql do anything
intrusive on Active Directory (create anything) or does it just simply bind to AD, validate the
username/password pair and return success/failure back to the client?
Many thanks!