I don't think SSL support for LDAP is supported. Have you tried TLS on port 389? On May 13, 2014 8:20 PM, "Jürgen Fuchsberger" < juergen.fuchsber...@uni-graz.at> wrote:
> Hi, > > I'm running postgresql 9.1 on Debian and am trying to set up LDAP > authentication using the following configuration in pg_hba.conf: > > hostssl testdb all 143.50.203.0/24 ldap ldapserver=" > wegc24.uni-graz.at" > ldapport=636 ldapbinddn="cn=nss,dc=uni-graz,dc=at" > ldapbindpasswd="<thepasswd>" ldapbasedn="dc=uni-graz,dc=at" > > > Trying to access testdb via psql fails with the following error in the log: > '''could not perform initial LDAP bind for ldapbinddn > "cn=nss,dc=uni-graz,dc=at" on server "wegc24.uni-graz.at": error code > -1''' > > Unfortunately I did not find what error code -1 means. > > Ldapsearch works fine: > > ldapsearch -W -H ldaps://wegc24.uni-graz.at:636/ -D > "CN=nss,DC=uni-graz,DC=at" > > Interesting is also, that postgres seems to not even reach the ldap > server: If I change parameter ldapserver to a non-existing url it gives > the same error code -1. > > Any help much appreciated! > > Best, > Juergen > >
