Обсуждение: Getting "ident" to work in Windows
Hi, I'm trying to enable "ident" authentication on my Windows machine using PostgreSQL 9.1 However as soon as I add the following line to pg_hba.conf host all all ::1/128 ident sameuser I get an error message when trying to login (after a server reload of course) psql: FATAL: could not load pg_hba.conf It is precisely that line above. As soon as I remove it I can logon again (with a username/password of course). I did verify that my connections are done through IPV6. Here is the current content of my pg_hba.conf: --------- snip ---------- # TYPE DATABASE USER ADDRESS METHOD # IPv4 local connections: host all all 127.0.0.1/32 md5 # IPv6 local connections: host all all ::1/128 md5 --------- snip ---------- Ideally I would like to make "ident" to work with a custom map but using "ident tkmap". But that throws the same error whichisn't really surprising as "ident tkmap" is not working either. Is ident not supported on Windows? I could not find anything related to that in the manual. Regards Thomas
On Fri, May 4, 2012 at 1:57 PM, Thomas Kellerer <spam_eater@gmx.net> wrote: > Hi, > > I'm trying to enable "ident" authentication on my Windows machine using > PostgreSQL 9.1 > > However as soon as I add the following line to pg_hba.conf > > host all all ::1/128 ident sameuser "sameuser" was removed in PostgreSQL 8.4. Now you just use "ident" if you want that behavior. It probably told you this in the logfile when you did reload - for security reasons, the details of the error are never given to an unauthenticated client. > Ideally I would like to make "ident" to work with a custom map but using > "ident tkmap". But that throws the same error which isn't really surprising > as "ident tkmap" is not working either. ident map=tkmap is what you want. See http://www.postgresql.org/docs/9.1/static/auth-methods.html#AUTH-IDENT -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
On Fri, May 04, 2012 at 01:57:47PM +0200, Thomas Kellerer wrote: > Hi, > > I'm trying to enable "ident" authentication on my Windows machine using PostgreSQL 9.1 > > However as soon as I add the following line to pg_hba.conf > > host all all ::1/128 ident sameuser > > I get an error message when trying to login (after a server reload of course) > > psql: FATAL: could not load pg_hba.conf > > It is precisely that line above. As soon as I remove it I can logon again (with a username/password of course). > > I did verify that my connections are done through IPV6. > > Here is the current content of my pg_hba.conf: > > --------- snip ---------- > # TYPE DATABASE USER ADDRESS METHOD > > # IPv4 local connections: > host all all 127.0.0.1/32 md5 > > # IPv6 local connections: > host all all ::1/128 md5 > --------- snip ---------- > > Ideally I would like to make "ident" to work with a custom map but using "ident tkmap". But that throws the same errorwhich isn't really surprising as "ident tkmap" is not working either. > > Is ident not supported on Windows? I could not find anything related to that in the manual. > > Regards > Thomas > I believe that that is the case. There is no Windows ident support. Regards, Ken
On Fri, May 4, 2012 at 3:33 PM, ktm@rice.edu <ktm@rice.edu> wrote: > On Fri, May 04, 2012 at 01:57:47PM +0200, Thomas Kellerer wrote: >> Hi, >> >> I'm trying to enable "ident" authentication on my Windows machine using PostgreSQL 9.1 >> >> However as soon as I add the following line to pg_hba.conf >> >> host all all ::1/128 ident sameuser >> >> I get an error message when trying to login (after a server reload of course) >> >> psql: FATAL: could not load pg_hba.conf >> >> It is precisely that line above. As soon as I remove it I can logon again (with a username/password of course). >> >> I did verify that my connections are done through IPV6. >> >> Here is the current content of my pg_hba.conf: >> >> --------- snip ---------- >> # TYPE DATABASE USER ADDRESS METHOD >> >> # IPv4 local connections: >> host all all 127.0.0.1/32 md5 >> >> # IPv6 local connections: >> host all all ::1/128 md5 >> --------- snip ---------- >> >> Ideally I would like to make "ident" to work with a custom map but using "ident tkmap". But that throws the same errorwhich isn't really surprising as "ident tkmap" is not working either. >> >> Is ident not supported on Windows? I could not find anything related to that in the manual. >> >> Regards >> Thomas >> > > I believe that that is the case. There is no Windows ident support. There should be ident support for Windows. Just not over local connections ("peer") - since local connections are not supported. -- Magnus Hagander Me: http://www.hagander.net/ Work: http://www.redpill-linpro.com/
Magnus Hagander, 04.05.2012 15:22: >> I'm trying to enable "ident" authentication on my Windows machine using >> PostgreSQL 9.1 >> >> However as soon as I add the following line to pg_hba.conf >> >> host all all ::1/128 ident sameuser > > "sameuser" was removed in PostgreSQL 8.4. Now you just use "ident" if > you want that behavior. Thanks, I somehow missed that. > It probably told you this in the logfile when you did reload - for > security reasons, the details of the error are never given to an > unauthenticated client. No, I only got the could not load pg_hba.conf" error message. >> Ideally I would like to make "ident" to work with a custom map but using >> "ident tkmap". But that throws the same error which isn't really surprising >> as "ident tkmap" is not working either. > > ident map=tkmap > > is what you want. See > http://www.postgresql.org/docs/9.1/static/auth-methods.html#AUTH-IDENT I still get an authentication error but probably that's because ident is indeed not available on Windows. It's not that important as I just wanted to play around with it. Thanks for the help. Regards Thomas