Thread: LDAP issues

LDAP issues

From
"Schroeder, Steven"
Date:
Hi All,

We are attempting to deploy pgadmin inside kubernetes with ldap authentication, but having issues getting it to work.  We are able to deploy pgadmin and login locally, but no matter what ldap method we try, the credentials are not passed when we look at a pcap.  The only attempt we ever see to our ldap server is when we set it to anonymous, but we get back the below response.

000004DC: LdapErr: DSID-0C090A5C, comment: In order to perform this operation a successful bind must be completed on the connection

Ever come across anyone else having issues in kubernetes with ldap?

Thanks,

Steve
--


Re: [E] Re: [EXT] LDAP issues

From
"Schroeder, Steven"
Date:
Hi All,

We haven't attempted using pgadmin and ldap outside of k8s as of yet.  I am able to auth using the same credentials passed when running ldapsearch command from the command line directly.  

We are creating a local image from the base 4.6.7 image and adding in the config_local.py.  I do see this file when exec directly into the container, so it is being passed correctly when we create the image.  I did notice a ton of redirects when looking in the web console, but local login works.
PGADMIN_DEFAULT_EMAIL="xxxxxx"
PGADMIN_DEFAULT_PASSWORD="xxxxxxx"
PGADMIN_LISTEN_PORT=8080

# LDAP
AUTHENTICATION_SOURCES = ['ldap', 'internal']
LDAP_AUTO_CREATE_USER = True
LDAP_SERVER_URI = 'LDAP://xxx.dc.xxx.eng.xxx.com:389'
LDAP_BASE_DN = 'ou=user accounts,dc=win,dc=eng,dc=xxx,dc=com'
LDAP_USERNAME_ATTRIBUTE = 'sAMAccountName'
LDAP_SEARCH_FILTER = '(objectClass=user)'
LDAP_SEARCH_SCOPE = 'SUBTREE'
LDAP_SEARCH_BASE_DN = 'ou=user accounts,dc=xxx,dc=eng,dc=xxx,dc=com'
LDAP_CA_CERT_FILE = '/pgadmin4/cert/ldap.crt'
LDAP_BIND_USER = "xxx"
LDAP_BIND_PASSWORD = "xxxxx"
LDAP_CA_CERT_FILE = '/pgadmin4/cert/ldap.crt'

On Fri, May 6, 2022 at 1:28 AM <heiko.onnebrink@metroitpartner.com> wrote:

Hi

do you have a general problem to auth against LDAP or just when you deploy it on K8s?
Also would be helpful if you share the (LDAP-related) arguments that you pass to the container
cheers
Heiko

 

From: "Schroeder, Steven" <steven.schroeder@verizonwireless.com>
Date: Thursday, 5. May 2022 at 23:44
To: "pgadmin-support@postgresql.org" <pgadmin-support@postgresql.org>
Subject: [EXT] LDAP issues

 


--

Steve Schroeder | verizon

Service Assurance

O 908-203-5487 | M 609-226-5995
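
An added example, not part of the thread and not pgAdmin's own code: an offline check of the LDAP transport settings in a config_local.py like the one posted above, flagging repeated keys and a plain ldap:// URI with no TLS upgrade. The sample config is constructed with placeholder host and credentials, the finding names are invented for this example, and LDAP_USE_STARTTLS is pgAdmin's setting for upgrading an ldap:// connection.

```python
import ast
from urllib.parse import urlparse

# Constructed sample modelled on the posted settings; host and credentials are placeholders.
SAMPLE_CONFIG = """
AUTHENTICATION_SOURCES = ['ldap', 'internal']
LDAP_SERVER_URI = 'LDAP://dc.example.internal:389'
LDAP_CA_CERT_FILE = '/pgadmin4/cert/ldap.crt'
LDAP_BIND_USER = "svc-pgadmin"
LDAP_BIND_PASSWORD = "placeholder"
LDAP_CA_CERT_FILE = '/pgadmin4/cert/ldap.crt'
"""


def load_settings(source):
    """Collect NAME = <literal> assignments without executing the file."""
    settings, duplicates = {}, []
    for node in ast.parse(source).body:
        if not (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)):
            continue
        try:
            value = ast.literal_eval(node.value)
        except (ValueError, TypeError):
            continue  # non-literal expression: skip it rather than evaluate it
        name = node.targets[0].id
        if name in settings:
            duplicates.append(name)
        settings[name] = value  # as in Python, the last assignment wins
    return settings, duplicates


def lint_ldap(source):
    """Return sorted finding codes (names invented for this example)."""
    cfg, duplicates = load_settings(source)
    findings = {f"duplicate:{name}" for name in duplicates}
    scheme = urlparse(str(cfg.get("LDAP_SERVER_URI", ""))).scheme.lower()
    tls = scheme == "ldaps" or cfg.get("LDAP_USE_STARTTLS") is True
    if scheme not in ("ldap", "ldaps"):
        findings.add("bad-uri-scheme")
    elif not tls:
        # Simple binds over plain ldap:// put passwords on the wire unencrypted.
        findings.add("cleartext-bind")
        if cfg.get("LDAP_CA_CERT_FILE"):
            findings.add("ca-cert-unused")  # a CA file only matters once TLS is in use
    return sorted(findings)


if __name__ == "__main__":
    print("\n".join(lint_ldap(SAMPLE_CONFIG)))
```
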