This is a discussion on postgres authentication within the pgsql Admins forums, part of the PostgreSQL category.
Hi everybody,

I am having a problem with creating a user. It has to do with authentication. What I want is to authenticate a user via an ldap server.

I created a postgres account by:

    create user donder with createdb login in group analysis;

and added the following line to pg_hba.conf file:

    host all donder ldap://amarula.egcrc.orgsent

sent a hup signal like this:

    pg_ctl -D /usr/local/pgsql/data reload

When I become user donder to connect to database, this is what I get:

    psql: FATAL: missing or erroneous pg_hba.conf file
    HINT: See server log for details.

The serverlog says:

    LOG: invalid IP address "ldap:" in file "/usr/local/pgsql/data/pg_hba.conf" line 55: Name or service not known
    FATAL: missing or erroneous pg_hba.conf file
    HINT: See server log for details.

I am looking at the manual, PostgreSQL 8.2.1 Documentation, chapter 20. In section 20.2.5, they talk about ldap authentication, but it's a bit sketchy. The example given is:

    ldap://ldap.example.net/dc=example,dc=net;EXAMPLE\

I have no idea what "dc=" means, and what does ";EXAMPLE\" mean? Can anyone please explain what this means?

If you have done what I am trying to do, please furnish a working example.

Many thanks.

Regards,
Tena Sakai
tsakai@gallo.ucsf.edu

"Tena Sakai" <tsakai@gallo.ucsf.edu> writes:
> and added the following line to pg_hba.conf file:
> host all donder ldap://amarula.egcrc.orgsent

I know nothing about ldap, but this is clearly not a correct host line: you forgot the address field(s), and that last bit should be an option not the auth method name. I would imagine that what you need is something like

    host all donder 192.168.1.0/24 ldap ldap://amarula.egcrc.orgsent

(adjust address to suit, of course)

regards, tom lane

Hi Tom,

Thanks for your comment/advice. It is an improvement, but...

I adjusted the line in pg_hba.conf to:

    host all donder 172.16.XX.XX/32 ldap ldap://amarula.egcrc.org

and what I get as user donder is:

    -bash-3.00$ psql canon
    Password:
    psql: FATAL: password authentication failed for user "donder"

In the serverlog file, I get:

    FATAL: password authentication failed for user "donder"

I need a working ldap example for pg_hba.conf desperately. Can somebody please help?

Also, if somebody can explain what the example on page 352 of 8.2.1 manual:

    ldap://ldap.example.net/dc=example,dc=net;EXAMPLE\

means, I would appreciate it greatly.

Regards,
Tena Sakai
tsakai@gallo.ucsf.edu

-----Original Message-----
From: Tom Lane [mailto:tgl@sss.pgh.pa.us]
Sent: Tue 8/7/2007 9:31 PM
To: Tena Sakai
Cc: pgsql-admin@postgresql.org
Subject: Re: [ADMIN] postgres authentication

"Tena Sakai" <tsakai@gallo.ucsf.edu> writes:
> and added the following line to pg_hba.conf file:
> host all donder ldap://amarula.egcrc.orgsent

I know nothing about ldap, but this is clearly not a correct host line: you forgot the address field(s), and that last bit should be an option not the auth method name. I would imagine that what you need is something like

    host all donder 192.168.1.0/24 ldap ldap://amarula.egcrc.orgsent

(adjust address to suit, of course)

regards, tom lane
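
An added example, not part of the thread and not PostgreSQL code: a small lint for the `host ... ldap` records discussed above that splits the option into its parts and shows the name that would be sent to the LDAP server. It assumes the 8.2 option format `ldap[s]://servername[:port]/base dn[;prefix[;suffix]]`, with prefix and suffix prepended and appended to the user name before the bind, and handles only the CIDR-address form of a host record; `parse_ldap_option` and `check_host_line` are hypothetical names.

```python
import ipaddress
import re

# Assumed option format (PostgreSQL 8.2 manual, section 20.2.5):
#   ldap[s]://servername[:port]/base dn[;prefix[;suffix]]
# In the manual's example, dc=example,dc=net is the base dn ("dc" is an LDAP
# domain component) and EXAMPLE\ is a prefix glued in front of the user name.
LDAP_OPT = re.compile(r"^ldap(s?)://([^:/]+)(?::(\d+))?(?:/(.*))?$")


def parse_ldap_option(opt):
    """Split the ldap auth option into its documented parts."""
    m = LDAP_OPT.match(opt)
    if not m:
        raise ValueError("not an ldap[s]:// option: %r" % opt)
    tls, server, port, rest = m.groups()
    # base dn, prefix and suffix are separated by ';'
    basedn, prefix, suffix = ((rest or "").split(";", 2) + ["", ""])[:3]
    return {"tls": tls == "s", "server": server,
            "port": int(port) if port else None,
            "basedn": basedn, "prefix": prefix, "suffix": suffix}


def check_host_line(line, user):
    """Return (bind_name, problems); bind_name is prefix + user + suffix."""
    f = line.split()
    if len(f) < 6 or f[0] != "host" or f[4] != "ldap":
        return None, ["expected: host database user CIDR-address ldap option"]
    problems = []
    try:
        ipaddress.ip_network(f[3], strict=False)
    except ValueError:
        problems.append("address field %r is not an IP/CIDR" % f[3])
    opt = parse_ldap_option(f[5])
    if not opt["basedn"]:
        problems.append("option has no base dn after the server name")
    if not opt["tls"]:
        problems.append("ldap:// (not ldaps://): link to LDAP server is unencrypted")
    return opt["prefix"] + user + opt["suffix"], problems


if __name__ == "__main__":
    # Constructed records: the thread's two attempts and the manual's option.
    for rec in ("host all donder ldap://amarula.egcrc.org",
                "host all donder 192.168.1.0/24 ldap ldap://amarula.egcrc.org",
                "host all donder 192.168.1.0/24 ldap "
                "ldap://ldap.example.net/dc=example,dc=net;EXAMPLE\\"):
        print(check_host_line(rec, "donder"))
```

For the second record the lint reports a bare bind name of `donder` and a missing base dn; for the manual's option it reports `EXAMPLE\donder`.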