Hi,
I'm not an AD expert myself, but I've read somewhere, that AD disallows
simple binds without using ssl.
You could try enabling ssl on AD, or try the krb5 authentication method
for pg.
Good Luck
Geza
I've setup LDAP on Postgresql 8.3.6 by adding the following line to
pg_hba.conf. My Active Directory has a group called 'users group' which
contains an entry for user pgtest.
host all pgtest xx.xxx.x.x/xx ldap
"ldap://server.mydomain.com:389/basedn;cn=;,ou=users
group,dc=mydomain,dc=com"
I have restarted the PG server but when I try to connect via psql from
another host, I get the following error: -
2010-10-28 16:30:36 BST [1095]: [2-1] FATAL: LDAP authentication
failed for user "pgtest"
2010-10-28 16:30:36 BST [1096]: [1-1] LOG: LDAP login failed for user
"cn=pgtest,ou=users group,dc=mydomain,dc=com" on server
"server.mydomain.com": error code 49
So it looks like the cn, ou and dc parameters are correct, but for some
reason Openldap is returning error 49, which is a generic
authentication failure message.
Can anyone suggest anything that I might be doing wrong? Could it be
the line in pg_hba.conf that is wrong, or possibly the ldap package on
the server (debian linux) not working
properly?
Any ideas much appreciated!
From: kierenscott@xxxxxxxxxxx
To: pgsql-admin@xxxxxxxxxxxxxx
Subject: Using LDAP with postgresql 8.2
Date: Wed, 27 Oct 2010 17:57:32 +0000
Hi,
I'm looking to implement LDAP authentication againt Active Directory
for my
Postgresql databases. What's people experiences of using LDAP for
authenticating logins with AD?
Is it easy to setup and is there anything to watch out for e.g. does
Postgresql do anything
intrusive on Active Directory (create anything) or does it just simply
bind to AD, validate the
username/password pair and return success/failure back to the client?
Many thanks!
|
