Re: [LDAPS] Test connection user with ldaps server

From João Gaspar
Subject Re: [LDAPS] Test connection user with ldaps server
Date
Msg-id CAM+zXj0b71fckDSTxPwX58ze-9mtD4UxbktzGCmUYAnjoZti3A@mail.gmail.com
In reply to Re: [LDAPS] Test connection user with ldaps server  (Thomas Munro <thomas.munro@gmail.com>)
List pgsql-general
Hi all,
thanks for the feedback.

I was able to do it successfully, but I don't yet understand whether there is a bug in the pg_hba.conf LDAP link interpretation or a messy domain.

So as I said previously, ldapsearch is correctly finding user1 using only the url dc=company,dc=example,dc=com
ldapsearch -x -H ldaps://serverurl -W -D "cn= user-to-do-autentication-ldap-connection" -b "dc=company,dc=example,dc=com" "sAMAccountName=user1"

Before (Can't search):
host    all             all             0.0.0.0/0               ldap    ldapurl="ldaps://serverurl:636/DC=company,DC=example,DC=com?sAMAccountName?sub" ldapbinddn="user-to-do-autentication-ldap-connection" ldapbindpasswd=" user-ldap-connection password-autentication"


So what I did was add the Organization Unit (OU) and now it works fine.

After:  
host    all             all             0.0.0.0/0               ldap    ldapurl="ldaps://serverurl:636/OU=sub-company,DC=company,DC=example,DC=com?sAMAccountName?sub" ldapbinddn="user-to-do-autentication-ldap-connection" ldapbindpasswd=" user-ldap-connection password-autentication"   


Best regards,
João Gaspar


Thomas Munro <thomas.munro@gmail.com> wrote on Monday, 15/02/2021 at 22:39:
On Tue, Feb 16, 2021 at 4:32 AM Laurenz Albe <laurenz.albe@cybertec.at> wrote:
> What I would do is experiment with the "ldapsearch" executable from OpenLDAP and see
> if you can reproduce the problem from the command line.

Also, maybe try doing this as the "postgres" user (or whatever user
PostgreSQL runs as), just in case there are some environmental
differences affecting the behaviour.
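
Added example, not part of the original messages: a Python helper that turns a pg_hba.conf LDAP line into the equivalent ldapsearch command, so the base DN, scope and filter of the "Before" and "After" lines can be tested from the command line as suggested above. The function names and the REDACTED password are constructed, and shlex is assumed to approximate pg_hba.conf quoting.

```python
import shlex
from urllib.parse import urlsplit, unquote

# Constructed sample: the "After" line from the message, with its placeholder
# names kept and the bind password replaced by a dummy value.
HBA_LINE = (
    'host all all 0.0.0.0/0 ldap '
    'ldapurl="ldaps://serverurl:636/OU=sub-company,DC=company,DC=example,DC=com'
    '?sAMAccountName?sub" '
    'ldapbinddn="user-to-do-autentication-ldap-connection" '
    'ldapbindpasswd="REDACTED"'
)

def hba_ldap_options(line):
    """Split one pg_hba.conf line and return its name=value options.
    Assumption: shlex quoting is close enough to pg_hba.conf quoting here."""
    fields = shlex.split(line)
    if "ldap" not in fields:
        raise ValueError("not an ldap auth line")
    return dict(f.split("=", 1) for f in fields if "=" in f)

def ldapsearch_argv(line, user):
    """Build the ldapsearch command for the search PostgreSQL would run for `user`."""
    # Refuse filter metacharacters so the test user name cannot alter the filter.
    if any(c in user for c in "*()\\/"):
        raise ValueError("user name contains LDAP filter metacharacters")
    opts = hba_ldap_options(line)
    url = urlsplit(opts["ldapurl"])
    # ldapurl layout: scheme://host[:port]/basedn?attribute?scope?filter
    attr, scope, flt = (url.query.split("?") + ["", "", ""])[:3]
    attr = attr or "uid"      # PostgreSQL's default search attribute
    scope = scope or "base"   # PostgreSQL's default scope in an ldapurl
    flt = unquote(flt).replace("$username", user) if flt else f"({attr}={user})"
    server = f"{url.scheme}://{url.hostname}" + (f":{url.port}" if url.port else "")
    # -W prompts for the bind password, keeping it out of argv and shell history.
    return ["ldapsearch", "-x", "-H", server, "-W",
            "-D", opts.get("ldapbinddn", ""),
            "-b", unquote(url.path.lstrip("/")), "-s", scope, flt]

if __name__ == "__main__":
    print(shlex.join(ldapsearch_argv(HBA_LINE, "user1")))
```

Running the printed command as the operating-system user PostgreSQL runs as exercises the same search with the same client environment.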
