I am running into a security issue with testing my ldap authentication. The parameter I am passing is
ClientAuthentication = local all ldap “ldap://xxxxxxxxxx/CN=xxxxxx,CN=Users,DC=xxxxx,DC=xxx,DC=xxxxxx,DC=xxxxx"
The test account name is testldap and with I login as vsql -Utestldap it logs me in without asking me my password, so anyone who knows my login ID can just login as me. How can I force Vertica to ask for the password. what am I doing wrong? The LDAP server has the username/passwd.
Thanks
LDAP authentication
Moderator: NorbertKrupa
- JimKnicely
- Site Admin
- Posts: 1825
- Joined: Sat Jan 21, 2012 4:58 am
- Contact:
Re: LDAP authentication
Hi,
When you log in as the testldap user via vsql, what does the SESSIONS table report for the authentication method?
select authentication_method from sessions where user_name = 'testldap';
When you log in as the testldap user via vsql, what does the SESSIONS table report for the authentication method?
select authentication_method from sessions where user_name = 'testldap';
Jim Knicely
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.
-
- Newbie
- Posts: 8
- Joined: Fri Nov 15, 2013 5:47 pm
Re: LDAP authentication
Hi Jim,
It says
authentication_method
-----------------------
Unknown
(1 row)
Thanks
It says
authentication_method
-----------------------
Unknown
(1 row)
Thanks
-
- Newbie
- Posts: 8
- Joined: Fri Nov 15, 2013 5:47 pm
Re: LDAP authentication
Hi Jm can you let me know what's my next step is
Thanks
Thanks
- JimKnicely
- Site Admin
- Posts: 1825
- Joined: Sat Jan 21, 2012 4:58 am
- Contact:
Re: LDAP authentication
Hi,
Is the user a user in Vertica? That is, do you get any results from this query?
I haven't tried using ldap with Vertica yet so I'm kind of just making some best guesses here
Did you try using the ldapsearch Linux command to make sure you can find the user? See:
https://my.vertica.com/docs/6.1.x/HTML/ ... #18816.htm
Is the user a user in Vertica? That is, do you get any results from this query?
- select password from users where user_name = 'testuser';
I haven't tried using ldap with Vertica yet so I'm kind of just making some best guesses here
Did you try using the ldapsearch Linux command to make sure you can find the user? See:
https://my.vertica.com/docs/6.1.x/HTML/ ... #18816.htm
Jim Knicely
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.
Note: I work for Vertica. My views, opinions, and thoughts expressed here do not represent those of my employer.