On Wed, May 30, 2018 at 5:43 PM, Adrian Klaver <adrian.kla...@aklaver.com> wrote:
> On 05/30/2018 01:41 PM, C GG wrote: > >> >> >> > Please let me be clear, this is not a question about whether or not to use >> passwords. This is a question of how to determine the cause of and remedy a >> slowdown retrieving data from PostgreSQL when using LDAP(S) to authenticate >> PostgreSQL users. One of the sideline questions would be how to achieve the >> same effect by using a different scheme. I should further clarify that a >> major requirement would be that the scheme would need to work in our >> current environment without having to re-engineer the client applications. >> That would entail the need to pass a username and password as we have >> traditionally done. >> >> Any friendly assistance with LDAP(S) to that end is welcome. >> > > Have been following this thread and have not answered previously as > LDAP/AD is not something I really know about. Still strikes me as similar > to another LDAP thread: > > https://www.postgresql.org/message-id/CAKeZVDov%2Bj2ZfUuSXNN > -98_Nn_kAXr2e7UmKHhFNODHuEnUwUg%40mail.gmail.com > > In that post the OP found that supplying an IP address instead of a host > name sped up the process. > > Have you tried that? > > It may not be a permanent solution, but it might help identify where the > problem is. > > > That was a good suggestion. I can't get LDAPS to work with an IP address because fails the TLS check. I don't see an option to ignore hostname checks for LDAPS, but I have a different idea... I will try putting the hostname and IP in the hosts file to avoid the DNS lookup. I should know something by tomorrow if that made a difference. Thanks for the lead! > > -- > Adrian Klaver > adrian.kla...@aklaver.com >
