On Fri, Aug 25, 2023 at 3:09 PM Stephen Frost wrote:
Hi Stephen. Thanks for taking the time to make such a detailed response.
* Dominique Devienne (ddevie...@gmail.com) wrote:
> > could you please provide more info on [...]
>
>
> https://www.crunchydata.com/blog/windows-active-directory-postgres
Greetings,
* Dominique Devienne (ddevie...@gmail.com) wrote:
> On Thu, Aug 24, 2023 at 10:07 PM Stephen Frost wrote:
> > * Emile Amewoto (emil...@yahoo.com) wrote:
> > > Here is the high level process:
> > > 1- Create the user x without password in Postgres.
> > > 2- Assign role or roles to the
On Thu, Aug 24, 2023 at 10:07 PM Stephen Frost wrote:
> Greetings,
>
> * Emile Amewoto (emil...@yahoo.com) wrote:
> > Here is the high level process:
> > 1- Create the user x without password in Postgres.
> > 2- Assign role or roles to the user x
> > 3- Update pg_hba.conf with the ldap connecti
Greetings,
* Emile Amewoto (emil...@yahoo.com) wrote:
> Here is the high level process:
> 1- Create the user x without password in Postgres.
> 2- Assign role or roles to the user x
> 3- Update pg_hba.conf with the ldap connection link.
>
> You might need cert for the ldap to connect to AD, assu
023, at 10:42, Roger Tannous wrote:
>
> Hello,
>
> In section 21.10 LDAP Authentication
> <https://www.postgresql.org/docs/current/auth-ldap.html> of the
> documentation, it says that the DB user must already exist in the database
> before LDAP can be used for aut
Hello,
In section 21.10 LDAP Authentication
<https://www.postgresql.org/docs/current/auth-ldap.html> of the
documentation, it says that the DB *user must already exist in the database
before LDAP can be used for authentication*.
I'm checking the possibility to use LDAP Authenti
t;
> -Original Message-
> From: Alvaro Herrera [mailto:alvhe...@2ndquadrant.com]
> Sent: Thursday, December 20, 2018 3:25 PM
> To: Kumar, Virendra
> Cc: pgsql-general@lists.postgresql.org
> Subject: Re: Multiple LDAP Servers for ldap Authentication
>
> On 2018-Dec-20, Kuma
Greetings,
* Chris Stephens (cstephen...@gmail.com) wrote:
> yes, shortly after i sent this out to the list, one of our security
> administrators suggested ldapscheme. I just tested and ldapurl works as
> well.
>
> the security admin explained it like this:
>
> "since we are using port 636 I kn
yes, shortly after i sent this out to the list, one of our security
administrators suggested ldapscheme. I just tested and ldapurl works as
well.
the security admin explained it like this:
"since we are using port 636 I know that it needs the TLS connection in
place before LDAP commands. starttl
Hi Chris,
> On 08. Jun, 2020, at 23:05, Chris Stephens wrote:
> posgresql 12
> centos 7
here: PostgreSQL 11.6 & 12.3, SLES 12 & 15
> hostsslall all 0.0.0.0/0 ldap
> ldapserver="ldaps://xxx" ldapbasedn="yyy" ldaptls=1
we use:
hostssl all all 0.0.0.0/0
On Tue, Jun 9, 2020 at 9:05 AM Chris Stephens wrote:
> hostsslall all 0.0.0.0/0 ldap
> ldapserver="ldaps://xxx" ldapbasedn="yyy" ldaptls=1
> does anyone know what might be causing "LDAP: Bad parameter to an ldap
> routine"
You probably want ldapurl="lda
posgresql 12
centos 7
i am trying to configure ldap authentication.
i have the following pg_hba.conf entry (server and basedn are correct but
not shown):
hostsslall all 0.0.0.0/0 ldap
ldapserver="ldaps://xxx" ldapbasedn="yyy" ldaptls=
Herrera; pgsql-general@lists.postgresql.org
Subject: Re: Multiple LDAP Servers for ldap Authentication
On Thu, 20 Dec 2018 at 16:17, Kumar, Virendra
wrote:
>
> I figured it out, this is how it works:
> --
> hostall all0.0.0.0/0 ldap
On Thu, 20 Dec 2018 at 16:17, Kumar, Virendra
wrote:
>
> I figured it out, this is how it works:
> --
> hostall all0.0.0.0/0 ldap
> ldapserver=server1.com ldapserver=server2.com ldapprefix=PROD01\
>
> So documentation need some update.
Looking at
[mailto:alvhe...@2ndquadrant.com]
Sent: Thursday, December 20, 2018 3:25 PM
To: Kumar, Virendra
Cc: pgsql-general@lists.postgresql.org
Subject: Re: Multiple LDAP Servers for ldap Authentication
On 2018-Dec-20, Kumar, Virendra wrote:
> Comman separated doesn't work as well.
Please separate by a com
,
Virendra
-Original Message-
From: Alvaro Herrera [mailto:alvhe...@2ndquadrant.com]
Sent: Thursday, December 20, 2018 3:25 PM
To: Kumar, Virendra
Cc: pgsql-general@lists.postgresql.org
Subject: Re: Multiple LDAP Servers for ldap Authentication
On 2018-Dec-20, Kumar, Virendra wrote:
> Com
On 2018-Dec-20, Kumar, Virendra wrote:
> Comman separated doesn't work as well.
Please separate by a comma and a space, not just a comma. My reading of
the OpenLDAP source code, and some quick experiments comparing failure
patterns, suggest that that exact combination may work. (OpenLDAP is
not
: Multiple LDAP Servers for ldap Authentication
On 2018-Dec-20, Kumar, Virendra wrote:
> This is what I see:
> --
> [postgres@usdf24v0131 ~]$ which postgres
> /opt/postgres/10/bin/postgres
> [postgres@usdf24v0131 ~]$ ldd /opt/postgres/10/bin/postgres
>
ldap Authentication
On 2018-Dec-20, Kumar, Virendra wrote:
> I am going through ldap authentication documents in PostgreSQL and found that
> we can specify multiple ldap servers but sure how. I have put two entries in
> double quotes like below:
> --
> hostall all
On 2018-Dec-20, Kumar, Virendra wrote:
> I am going through ldap authentication documents in PostgreSQL and found that
> we can specify multiple ldap servers but sure how. I have put two entries in
> double quotes like below:
> --
> hostall all
On 2018-Dec-20, Kumar, Virendra wrote:
> This is what I see:
> --
> [postgres@usdf24v0131 ~]$ which postgres
> /opt/postgres/10/bin/postgres
> [postgres@usdf24v0131 ~]$ ldd /opt/postgres/10/bin/postgres
> linux-vdso.so.1 => (0x7ffee3fe8000)
> libpthread.so.0 => /lib64/libpthre
drant.com]
Sent: Thursday, December 20, 2018 1:47 PM
To: Kumar, Virendra
Cc: pgsql-general@lists.postgresql.org
Subject: Re: Multiple LDAP Servers for ldap Authentication
Hello Virendra
On 2018-Dec-20, Kumar, Virendra wrote:
> I am going through ldap authentication documents in PostgreSQL and found that
&g
Hello Virendra
On 2018-Dec-20, Kumar, Virendra wrote:
> I am going through ldap authentication documents in PostgreSQL and found that
> we can specify multiple ldap servers but sure how. I have put two entries in
> double quotes like below:
> --
> host
Hi,
I am going through ldap authentication documents in PostgreSQL and found that
we can specify multiple ldap servers but sure how. I have put two entries in
double quotes like below:
--
hostall all0.0.0.0/0 ldap
ldapserver="server
v6 requests
properly... I'll check with my IT.
Thank you again, folks.
Andy
On 31 May 2018 at 16:54, Achilleas Mantzios
wrote:
> On 28/05/2018 17:26, Andreas Schmid wrote:
>
> Hi,
>
> I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication
> (simple bind mo
Jeff Janes writes:
> On Thu, May 31, 2018 at 8:23 AM, C GG wrote:
>
> In the meantime, I did what I promised Adrian Klaver I would do and I added
>> the AD servers to the /etc/hosts file. That had an immediate and dramatic
>> effect on the performance. That confirms (at least to me) that DNS
>
On Thu, May 31, 2018 at 8:23 AM, C GG wrote:
In the meantime, I did what I promised Adrian Klaver I would do and I added
> the AD servers to the /etc/hosts file. That had an immediate and dramatic
> effect on the performance. That confirms (at least to me) that DNS
> resolution was playing a larg
On 28/05/2018 17:26, Andreas Schmid wrote:
Hi,
I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication (simple bind mode). While this basically works, it has the strange effect that the first login with psql takes around 5
seconds. When I reconnect within 60 seconds, the login
On Wed, May 30, 2018 at 6:31 PM, Tim Cross wrote:
>
> C GG writes:
>
> > On Wed, May 30, 2018 at 2:50 PM, Stephen Frost
> wrote:
> >
> >> Greetings,
> >>
> >> * C GG (cgg0...@gmail.com) wrote:
> >> > On Wed, May 30, 2018 at 12:04 PM, Stephen Frost
> >> wrote:
> >> > > What's the reason for wis
C GG writes:
> On Wed, May 30, 2018 at 2:50 PM, Stephen Frost wrote:
>
>> Greetings,
>>
>> * C GG (cgg0...@gmail.com) wrote:
>> > On Wed, May 30, 2018 at 12:04 PM, Stephen Frost
>> wrote:
>> > > What's the reason for wishing for them to "be able to type in a
>> > > password"? With GSSAPI/Ker
On Wed, May 30, 2018 at 5:43 PM, Adrian Klaver
wrote:
> On 05/30/2018 01:41 PM, C GG wrote:
>
>>
>>
>>
> Please let me be clear, this is not a question about whether or not to use
>> passwords. This is a question of how to determine the cause of and remedy a
>> slowdown retrieving data from Postg
On 05/30/2018 01:41 PM, C GG wrote:
Please let me be clear, this is not a question about whether or not to
use passwords. This is a question of how to determine the cause of and
remedy a slowdown retrieving data from PostgreSQL when using LDAP(S) to
authenticate PostgreSQL users. One of th
On Wed, May 30, 2018 at 2:50 PM, Stephen Frost wrote:
> Greetings,
>
> * C GG (cgg0...@gmail.com) wrote:
> > On Wed, May 30, 2018 at 12:04 PM, Stephen Frost
> wrote:
> > > What's the reason for wishing for them to "be able to type in a
> > > password"? With GSSAPI/Kerberos, users get true singl
Greetings,
* C GG (cgg0...@gmail.com) wrote:
> On Wed, May 30, 2018 at 12:04 PM, Stephen Frost wrote:
> > What's the reason for wishing for them to "be able to type in a
> > password"? With GSSAPI/Kerberos, users get true single-sign-on, so they
> > would log into the Windows system with a passw
On Mon, May 28, 2018 at 10:26 AM, Andreas Schmid
wrote:
> Hi,
>
> I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication
> (simple bind mode). While this basically works, it has the strange effect
> that the first login with psql takes around 5 seconds. When I rec
On Wed, May 30, 2018 at 12:04 PM, Stephen Frost wrote:
> Greetings,
>
> * C GG (cgg0...@gmail.com) wrote:
> > This is PostgreSQL 9.5 -- We just enabled LDAP(S) authentication (to an
> > Active Directory server) for a certain grouping of users
>
> You really shouldn't be using LDAP auth to an Acti
Greetings,
* C GG (cgg0...@gmail.com) wrote:
> This is PostgreSQL 9.5 -- We just enabled LDAP(S) authentication (to an
> Active Directory server) for a certain grouping of users
You really shouldn't be using LDAP auth to an Active Directory system.
Active Directory supports Kerberos, which is a m
Andreas Schmid wrote:
> I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication
> (simple bind mode).
> While this basically works, it has the strange effect that the first login
> with psql
> takes around 5 seconds. When I reconnect within 60 seconds, the log
This is PostgreSQL 9.5 -- We just enabled LDAP(S) authentication (to an
Active Directory server) for a certain grouping of users
pg_hba.conf
#...
hostssl all +ldap_group 0.0.0.0/0 ldap ldaptls="1" ldapserver="
hostssl all all 0.0.0.0/0 md5
#...
I'm getting complaints from the users authent
Hi,
I configured my PostgreSQL 10 DB on Debian 9.2 with LDAP authentication
(simple bind mode). While this basically works, it has the strange effect
that the first login with psql takes around 5 seconds. When I reconnect
within 60 seconds, the login completes immediately.
The LDAP server is
40 matches
Mail list logo
