Re: [GENERAL] LDAP authentication without OU in ldapbasedn

Simple bind mode works nicely. Thank you. From: Jeff Janes [mailto:jeff.ja...@gmail.com] Sent: 14 July 2017 03:55 To: Gregory Nicol Cc: pgsql-general@postgresql.org Subject: Re: [GENERAL] LDAP authentication without OU in ldapbasedn On Thu, Jul 13, 2017 at 2:46 AM, Gregory Nicol

Re: [GENERAL] LDAP authentication without OU in ldapbasedn

On Thu, Jul 13, 2017 at 2:46 AM, Gregory Nicol wrote: > Good morning all, > > > > I can’t seem to get LDAP Authentication working without an OU in the > ldapbasedn. My users are spread across multiple OUs without a common root > OU which is why I’m trying to authenticate with just the DC. > > Ha

Re: [GENERAL] LDAP authentication without OU in ldapbasedn

Greetings, * Gregory Nicol (gregory.ni...@medbank.com.mt) wrote: > I can't seem to get LDAP Authentication working without an OU in the > ldapbasedn. My users are spread across multiple OUs without a common root OU > which is why I'm trying to authenticate with just the DC. As it looks like you

[GENERAL] LDAP authentication without OU in ldapbasedn

Good morning all, I can't seem to get LDAP Authentication working without an OU in the ldapbasedn. My users are spread across multiple OUs without a common root OU which is why I'm trying to authenticate with just the DC. With pg_hba.conf like this, I can connect successfully from psql...

Re: [GENERAL] LDAP Authentication

W dniu 23.04.2015 o 00:06, John R Pierce pisze: On 4/22/2015 2:57 PM, Joseph Kregloh wrote: I see. That would still require a manual process to create the user on each server. I was planing on using some already existing scripts to create the user automatically on all servers and then LDAP

Re: [GENERAL] LDAP Authentication

On 4/22/2015 2:57 PM, Joseph Kregloh wrote: I see. That would still require a manual process to create the user on each server. I was planing on using some already existing scripts to create the user automatically on all servers and then LDAP would authorize depending on attributes in their

Re: [GENERAL] LDAP Authentication

On Wed, Apr 22, 2015 at 5:30 PM, John R Pierce wrote: > On 4/22/2015 11:37 AM, Joseph Kregloh wrote: > >> I have successfully setup LDAP and setup simple authentication using >> simple bind. This was my test case. Now I need to move to the next lever >> which would be search and bind. This will a

Re: [GENERAL] LDAP Authentication

On 4/22/2015 11:37 AM, Joseph Kregloh wrote: I have successfully setup LDAP and setup simple authentication using simple bind. This was my test case. Now I need to move to the next lever which would be search and bind. This will allow me to grant access to particular servers for some people. I

[GENERAL] LDAP Authentication

I am currently setting up various environments to allow our developers to login to Postgresql using their LDAP password. Also limiting the servers they can access. I have successfully setup LDAP and setup simple authentication using simple bind. This was my test case. Now I need to move to the nex

Re: [GENERAL] LDAP authentication not working

> Original Message > Subject: Re: [GENERAL] LDAP authentication not working > Resent-From: > Date: Wed, 14 May 2014 06:47:45 -1000 > From: Stephan Fabel > To: Magnus Hagander > CC: Postgres List , Jürgen Fuchsberger > >

Re: [GENERAL] LDAP authentication not working

On May 14, 2014 12:56 AM, "Magnus Hagander" wrote: > > On Wed, May 14, 2014 at 11:48 AM, Jürgen Fuchsberger < juergen.fuchsber...@uni-graz.at> wrote: >> >> >> >> On 05/14/2014 09:10 AM, Magnus Hagander wrote: >> > On Wed, May 14, 2014 at 8:35 AM, Stephan Fabel > > > wrote

Re: [GENERAL] LDAP authentication not working

On Wed, May 14, 2014 at 11:48 AM, Jürgen Fuchsberger < juergen.fuchsber...@uni-graz.at> wrote: > > > On 05/14/2014 09:10 AM, Magnus Hagander wrote: > > On Wed, May 14, 2014 at 8:35 AM, Stephan Fabel > > wrote: > > > > I don't think SSL support for LDAP is supported.

Re: [GENERAL] LDAP authentication not working

On Wed, May 14, 2014 at 8:35 AM, Stephan Fabel wrote: > I don't think SSL support for LDAP is supported. Have you tried TLS on > port 389? > Correct, and you need to set ldaptls=1 to use that as well. (And yes, unfortunately the LDAP error messages from openldap are notoriously bad) //Magnus

Re: [GENERAL] LDAP authentication not working

I don't think SSL support for LDAP is supported. Have you tried TLS on port 389? On May 13, 2014 8:20 PM, "Jürgen Fuchsberger" < juergen.fuchsber...@uni-graz.at> wrote: > Hi, > > I'm running postgresql 9.1 on Debian and am trying to set up LDAP > authentication using the following configuration in

[GENERAL] LDAP authentication not working

Hi, I'm running postgresql 9.1 on Debian and am trying to set up LDAP authentication using the following configuration in pg_hba.conf: hostssl testdb all 143.50.203.0/24 ldap ldapserver="wegc24.uni-graz.at" ldapport=636 ldapbinddn="cn=nss,dc=uni-graz,dc=at" ldapbindpasswd="" ldapbasedn="dc=u

Re: [GENERAL] LDAP authentication timing out

Hey, Thanks for the reply Magnus. I'm getting some packet captures now - I just thought I'd throw this out there in case anyone else had faced similar problems. This is EDB PPAS, I'm following up with them in parallel. Cheers, James Sewell James Sewell Solutions Architect _

Re: [GENERAL] LDAP authentication timing out

On Thu, Jun 20, 2013 at 7:24 AM, James Sewell wrote: > Hello All, > > I have the following config: > > hostsamerole+myrole samenetldap > ldapserver="ldap1,ldap2,ldap3" ldapbinddn="mybinddn" > ldapbindpasswd="mypass" ldapbasedn="mybase" ldapsearchattribute="myatt" >

[GENERAL] LDAP authentication timing out

Hello All, I have the following config: hostsamerole+myrole samenetldap ldapserver="ldap1,ldap2,ldap3" ldapbinddn="mybinddn" ldapbindpasswd="mypass" ldapbasedn="mybase" ldapsearchattribute="myatt" Usually auth works perfectly with LDAP (starting a session from psq

Re: [GENERAL] ldap authentication multiple ou objects

200 > From: s...@compulab.co.il > To: pgsql-general@postgresql.org > Subject: [GENERAL] ldap authentication multiple ou objects > > Is there a way to do ldap authentication in pg_hba on a structure that > has multiple ou objects? > > Lets say I have an ou=Users and then an ou pe

Re: [GENERAL] ldap authentication multiple ou objects

On 02/23/2011 10:27 PM, Magnus Hagander wrote: On Wed, Feb 23, 2011 at 11:43, Sim Zacks wrote: Is there a way to do ldap authentication in pg_hba on a structure that has multiple ou objects? Lets say I have an ou=Users and then an ou per dept. I want the ldap to do authentication no matter w

[GENERAL] ldap authentication multiple ou objects

Is there a way to do ldap authentication in pg_hba on a structure that has multiple ou objects? Lets say I have an ou=Users and then an ou per dept. I want the ldap to do authentication no matter which ou the user is in. My current ldap string is: ldap://ldap.server.local/Users;uid=;,ou=User

Re: [GENERAL] LDAP Authentication

2008-07-03_21:17:50-0400 Ron Peterson <[EMAIL PROTECTED]>: > 2008-06-29_09:44:01-0400 Taha Ozket <[EMAIL PROTECTED]>: > > > I have a ldap group, "pgsql-developers". I have an user (user1) member > > of this group; > > ... > > How can I change this line for give login permission to > > pgsql-develo

Re: [GENERAL] LDAP Authentication

2008-06-29_09:44:01-0400 Taha Ozket <[EMAIL PROTECTED]>: > I have a ldap group, "pgsql-developers". I have an user (user1) member > of this group; > ... > How can I change this line for give login permission to > pgsql-developers members? If you have pam available, you could do pam authentication

Re: [GENERAL] LDAP Authentication

On Sun, 2008-06-29 at 17:58 +0200, Magnus Hagander wrote: > This is not something you currently can do. We can only do LDAP > authentication, not authorization. There's no way to restrict it to a > particular group. We're very interested in this functionality (nss_ldap for PgSQL) -- so if there's

Re: [GENERAL] LDAP Authentication

Taha Ozket wrote: > Hi, > > I have a ldap group, "pgsql-developers". I have an user (user1) member > of this group; > > group > dn: cn=pgsql-developers,ou=Groups,o=Dep,dc=x,dc=x,dc=x > objectClass: groupOfUniqueNames > objectClass: top > cn: SVN Committers > uniqueMember: uid=user1,ou=Users,o=Dep

[GENERAL] LDAP Authentication

Hi, I have a ldap group, "pgsql-developers". I have an user (user1) member of this group; group dn: cn=pgsql-developers,ou=Groups,o=Dep,dc=x,dc=x,dc=x objectClass: groupOfUniqueNames objectClass: top cn: SVN Committers uniqueMember: uid=user1,ou=Users,o=Dep,dc=x,dc=x,dc=x user dn: uid=user1,ou=U

Re: [GENERAL] ldap authentication allows logon with blank password

After some investigation into Open LDAP I discovered that a post that states: "A bind with a DN but with an empty password is equivalent to an anonymous bind, while a bind with a DN and with a wrong password is not;" So could this cause a blank password to allow access to the database as the LDAP

Re: [GENERAL] ldap authentication allows logon with blank password

Here is the log output when I try different passwords: When I enter an incorrect password I get the following: [unknown] [unknown] 2007-12-05 13:55:29 CST LOG: connection received: host=111.111.111.111 port=1791 user test_db 111.111.111.111 2007-12-05 13:55:29 CST DEBUG: received password pack

[GENERAL] LDAP authentication

Hello, I saw many messages about ldap authentication but I´m still not sure if PostgreSQL can use it? Can I use it or should I apply some patch before? Reimer ---(end of broadcast)--- TIP 3: Have you checked our extensive FAQ? htt

Re: [GENERAL] LDAP authentication

Em Sexta 26 Maio 2006 12:55, codeWarrior escreveu: > May I suggest you take a look at www.openldap.org and the following: > http://www.samse.fr/GPL/ldap_pg/HOWTO/ This looks like the opposite: the HOWTO above is for LDAP using PostgreSQL as backend not PostgreSQL using LDAP to authenticate. --

Re: RES: [GENERAL] LDAP authentication

On Fri, 2006-05-26 at 17:38 +0200, Florian G. Pflug wrote: > [EMAIL PROTECTED] wrote: > >> Are you using windows or unix? On unix, postgresql can use pam > > > > We are using a mix of windows and unix+linux and I think PAM can not be used > > with windows. Am I right? > > > > Is there another way

Re: [GENERAL] LDAP authentication

On Fri, 2006-05-26 at 10:55, codeWarrior wrote: > May I suggest you take a look at www.openldap.org and the following: > http://www.samse.fr/GPL/ldap_pg/HOWTO/ Note that that's more about backing LDAP with PostgreSQL, not the other way around. still a good faq though ---

Re: [GENERAL] LDAP authentication

May I suggest you take a look at www.openldap.org and the following: http://www.samse.fr/GPL/ldap_pg/HOWTO/ <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Hello, > > I saw many messages about ldap authentication but I´m still not sure if > PostgreSQL can use it? > > Can I use it?

Re: RES: [GENERAL] LDAP authentication

[EMAIL PROTECTED] wrote: Are you using windows or unix? On unix, postgresql can use pam We are using a mix of windows and unix+linux and I think PAM can not be used with windows. Am I right? Is there another way? Not that I would know... But try googling around for pam and windows. Theres ar

RES: [GENERAL] LDAP authentication

> Are you using windows or unix? On unix, postgresql can use pam We are using a mix of windows and unix+linux and I think PAM can not be used with windows. Am I right? Is there another way? ---(end of broadcast)--- TIP 2: Don't 'kill -9' the post

Re: [GENERAL] LDAP authentication

[EMAIL PROTECTED] wrote: Hello, I saw many messages about ldap authentication but I´m still not sure if PostgreSQL can use it? Are you using windows or unix? On unix, postgresql can use pam (pluggable authentication modules) for authentication. There are pam modules for about any authenticatio

[GENERAL] LDAP authentication

Hello, I saw many messages about ldap authentication but I´m still not sure if PostgreSQL can use it? Can I use it? Should I apply some patch before? Where can I find some doc about? Reimer ---(end of broadcast)--- TIP 2: Don't 'kill -9' the post