Hi All,
We are using the following format for LDAP authentication,
host all all
0.0.0.0/0 ldap ldapserver=
ldap.xxx.com ldapport=389 ldaptls=1 ldapbasedn="dc=domain,dc=com" ldapbinddn="cn=auth_user,dc=domain,dc=com" ldapbindpasswd=encrypted_password ldapsearchattribute=uid
1. It successfully retrieved user information when we do ldapsearch "
ldapsearch -H "ldaps://ldap.xxxx.com" -W -D "cn=auth_user,ou=people,dc=domain,dc=com" -b "dc=domain,dc=com" "uid=ldap_user"
2. Same LDAP server is authenticating while ssh / sudo successfully.
But issue is while connecting DB
-bash-4.1$ psql -h dbhost.domain.com -Atc "select 'success'" -Uldap_user postgres
Password for user ldap_user:
psql: FATAL: LDAP authentication failed for user "ldap_user"
-bash-4.1$
Is there any way to validate ldap_user password using ldapsearch ?
Or is there any specific format in pg_hba.conf to configure LDAP.
Regards,
Raj
Thanks Steve for the response, Yes we had DNS server change.
But conf file updated with right DNS server and its resolving when i crosscheck with nslookup against clinet_addr
By the way , What is the right syntax for LDAP configuration ,
I am using the one below, and getting LDAP authentication error though i was able to login to server with same password.
host all all
0.0.0.0/0 ldap ldapserver=
ldap.xxx.com ldapport=389 ldaptls=1 ldapbasedn="dc=domain,dc=com" ldapbinddn="cn=auth_user,dc=domain,dc=com" ldapbindpasswd=encrypted_password ldapsearchattribute=uid
Version :9..2
Regards,
Raju
Hi All,
We have recently noticed in our development environment pg_log with flooded message.
[64459]: [1-1] user=[unknown],db=[unknown],host= WARNING: pg_getnameinfo_all() failed: Temporary failure in name resolution...
First thing I'd check is that DNS is functioning correctly (including local resolution settings or caching name resolvers).
Cheers,
Steve