Hi, Do you compile your postgresql with clause --with-ldap ?? Configuration pg_hba.conf: host base_central all 0.0.0.0 0.0.0.0 ldap "ldap://172.16.10.2/dc=mydomain,dc=com;uid=;,ou=Users,dc=mydomain,dc=com"; Verify now... See you soon. []´s victor hugo Brazil-RJ 2010/10/28 Kieren Scott <kierenscott@xxxxxxxxxxx>: > Hi, > > I've setup LDAP on Postgresql 8.3.6 by adding the following line to > pg_hba.conf. My Active Directory has a group called 'users group' which > contains an entry for user pgtest. > > host all pgtest xx.xxx.x.x/xx ldap > "ldap://server.mydomain.com:389/basedn;cn=;,ou=users > group,dc=mydomain,dc=com" > > I have restarted the PG server but when I try to connect via psql from > another host, I get the following error: - > > 2010-10-28 16:30:36 BST [1095]: [2-1] FATAL: LDAP authentication failed for > user "pgtest" > 2010-10-28 16:30:36 BST [1096]: [1-1] LOG: LDAP login failed for user > "cn=pgtest,ou=users group,dc=mydomain,dc=com" on server > "server.mydomain.com": error code 49 > > So it looks like the cn, ou and dc parameters are correct, but for some > reason Openldap is returning error 49, which is a generic authentication > failure message. > > Can anyone suggest anything that I might be doing wrong? Could it be the > line in pg_hba.conf that is wrong, or possibly the ldap package on the > server (debian linux) not working > properly? > > Any ideas much appreciated! > > > ________________________________ > From: kierenscott@xxxxxxxxxxx > To: pgsql-admin@xxxxxxxxxxxxxx > Subject: Using LDAP with postgresql 8.2 > Date: Wed, 27 Oct 2010 17:57:32 +0000 > > Hi, > > I'm looking to implement LDAP authentication againt Active Directory for my > Postgresql databases. What's people experiences of using LDAP for > authenticating logins with AD? > Is it easy to setup and is there anything to watch out for e.g. does > Postgresql do anything > intrusive on Active Directory (create anything) or does it just simply bind > to AD, validate the > username/password pair and return success/failure back to the client? > > Many thanks! > -- []´s Victor Hugo -- Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
