Re: A vexing problem with LDAP
| От | Laurenz Albe |
|---|---|
| Тема | Re: A vexing problem with LDAP |
| Дата | |
| Msg-id | ff5e8a3ba8d97971b2de3194e2bff2239ea715f2.camel@cybertec.at обсуждение исходный текст |
| Ответ на | A vexing problem with LDAP ("Subramanian,Ramachandran" <ramachandran.subramanian@alte-leipziger.de>) |
| Список | pgsql-novice |
On Fri, 2026-03-13 at 06:57 +0000, Subramanian,Ramachandran wrote: > We have an USERID ( VALID-USER) who exists in the LDAP Group G_APP_Postgres_Users. > > PS H:\> Get-ADUser -LDAPFilter "(&(objectClass=user)(sAMAccountName=VALID-USER)(memberOf=CN=G_APP_Postgres_Users,OU=Anwendungen,OU=Gruppen,OU=Identity,DC=my-Konzern,DC=de))" > > DistinguishedName : CN=VALID-USER,OU=Konten,OU=EWT,OU=PostgreSQL,OU=Ressourcen,DC=my-Konzern,DC=de > Enabled : True > GivenName : REWT-PostgreSQL > Name : VALID-USER > ObjectClass : user > ObjectGUID : 5a45f8e9-f13b-4ff2-9815-ec85bd0aeb7c > SamAccountName : VALID-USER > SID : S-1-5-21-4249930229-1474557206-4077294858-125360 > Surname : Rochade-Konfig > UserPrincipalName :VALID-USER@my-konzern.de > > However when he tries to connect to postgres we see this error message. > > Postgres-Log > LOG: LDAP user "VALID-USER" does not exist > FATAL: LDAP authentication failed for user "VALID-USER" > > PG_HBA.CONF entry is shown below. > > pg_hba.conf > host all all 0.0.0.0/0 ldap ldapserver=ldap.my-konzern.de ldapport=389 ldapbinddn="CN=Postgres-LDAP,OU=Konten,OU=PROD,OU=PostgreSQL,OU=Ressourcen,DC=my-konzern,DC=de" ldapbindpasswd="dF3@3#s$P1"ldapbasedn="OU=Postgres,OU=Ressourcen,DC=my-konzern,DC=de" ldapscheme=ldap ldapsearchfilter="(&(objectClass=user)( sAMAccountName=%u)(memberOf=CN=G_APP_Postgres_Users,OU=Anwendungen,OU=Gruppen,OU=Identity,DC=my-konzern,DC=de))" > > What could be the source of this error? I'd say that because PostgreSQL <> Postgres, you won't find user "CN=VALID-USER,OU=Konten,OU=EWT,OU=PostgreSQL,OU=Ressourcen,DC=my-Konzern,DC=de" under the base distinguished name "OU=Postgres,OU=Ressourcen,DC=my-konzern,DC=de". Try with ldapbasedn="OU=PostgreSQL,OU=Ressourcen,DC=my-Konzern,DC=de". > How to debug this problem step by step to see where exactly the chain is disconnected? Copy and paste is your friend, it avoids typos. Yours, Laurenz Albe
В списке pgsql-novice по дате отправления: