LDAP authentication

verticadba · Post by **verticadba** » Wed Nov 20, 2013 3:27 pm

I am running into a security issue with testing my ldap authentication. The parameter I am passing is
ClientAuthentication = local all ldap “ldap://xxxxxxxxxx/CN=xxxxxx,CN=Users,DC=xxxxx,DC=xxx,DC=xxxxxx,DC=xxxxx"

The test account name is testldap and with I login as vsql -Utestldap it logs me in without asking me my password, so anyone who knows my login ID can just login as me. How can I force Vertica to ask for the password. what am I doing wrong? The LDAP server has the username/passwd.

Thanks

Post by **JimKnicely** » Wed Nov 20, 2013 7:16 pm

Hi,

When you log in as the testldap user via vsql, what does the SESSIONS table report for the authentication method?

select authentication_method from sessions where user_name = 'testldap';

verticadba · Post by **verticadba** » Thu Nov 21, 2013 3:27 pm

Hi Jim,

It says

authentication_method
-----------------------
Unknown
(1 row)

Thanks

verticadba · Post by **verticadba** » Mon Dec 02, 2013 2:47 pm

Hi Jm can you let me know what's my next step is

Thanks

Post by **JimKnicely** » Tue Dec 03, 2013 4:23 am

Hi,

Is the user a user in Vertica? That is, do you get any results from this query?

select password from users where user_name = 'testuser';

I was just wondering if the user exists without a password, if so, I believe that you can log into vsql without a password.

I haven't tried using ldap with Vertica yet so I'm kind of just making some best guesses here

Did you try using the ldapsearch Linux command to make sure you can find the user? See:

https://my.vertica.com/docs/6.1.x/HTML/ ... #18816.htm

LDAP authentication

LDAP authentication

Re: LDAP authentication

Re: LDAP authentication

Re: LDAP authentication

Re: LDAP authentication