<div dir="auto"><span style="font-family:sans-serif;font-size:12.8px">Hi,</span><br style="font-family:sans-serif;font-size:12.8px"><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">I&#39;m having problems trying to configure the pamldap module to use it</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">with pgpool. I&#39;m keep getting this message:</span><br style="font-family:sans-serif;font-size:12.8px"><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">&quot;&quot;&quot;</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; no available LDAP server found,</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">sleeping 1 seconds</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_initialize(ldaps://</span><a href="http://192.168.39.144:636/" style="text-decoration-line:none;color:rgb(66,133,244);font-family:sans-serif;font-size:12.8px">192.168.39.144:636/</a><span style="font-family:sans-serif;font-size:12.8px">)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG: ldap_set_rebind_proc()</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_PROTO</span><span style="font-family:sans-serif;font-size:12.8px">COL_VERSION,3)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG: ldap_set_option(LDAP_OPT_DEREF</span><span style="font-family:sans-serif;font-size:12.8px">,0)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_TIMEL</span><span style="font-family:sans-serif;font-size:12.8px">IMIT,0)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG: ldap_set_option(LDAP_OPT_TIMEO</span><span style="font-family:sans-serif;font-size:12.8px">UT,0)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_NETWO</span><span style="font-family:sans-serif;font-size:12.8px">RK_TIMEOUT,0)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_REFER</span><span style="font-family:sans-serif;font-size:12.8px">RALS,LDAP_OPT_ON)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_RESTA</span><span style="font-family:sans-serif;font-size:12.8px">RT,LDAP_OPT_ON)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_set_option(LDAP_OPT_X_TLS</span><span style="font-family:sans-serif;font-size:12.8px">,LDAP_OPT_X_TLS_HARD)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldap_simple_bind_s(NULL,NULL) (uri=&quot;ldaps://</span><a href="http://192.168.39.144:636/" style="text-decoration-line:none;color:rgb(66,133,244);font-family:sans-serif;font-size:12.8px">192.168.39.144:636/</a><span style="font-family:sans-serif;font-size:12.8px">&quot;)</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; failed to bind to LDAP server</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">ldaps://</span><a href="http://192.168.39.144:636/" style="text-decoration-line:none;color:rgb(66,133,244);font-family:sans-serif;font-size:12.8px">192.168.39.144:636/</a><span style="font-family:sans-serif;font-size:12.8px">: Can&#39;t contact LDAP server:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">error:14090086:SSL routines:ssl3_get_server_certi</span><span style="font-family:sans-serif;font-size:12.8px">ficate:certificate</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">verify failed (self signed certificate in ...</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG: ldap_unbind()</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; no available LDAP server found:</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">Can&#39;t contact LDAP server</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">nslcd: [8b4567] &lt;authc=&quot;pgadminuser&quot;&gt; DEBUG: &quot;pgadminuser&quot;: user not</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">found: Can&#39;t contact LDAP server</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">&quot;&quot;&quot;</span><br style="font-family:sans-serif;font-size:12.8px"><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">but i can authenticate using ldap directly from postgres.</span><br style="font-family:sans-serif;font-size:12.8px"><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">so my question is: can i surpass pgpool and authenticate directly in postgres?</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">everytime i try that pgpool ask for the user to be in pool_hba but the</span><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">password is stored in ldap and can change at any time.</span><br style="font-family:sans-serif;font-size:12.8px"><br style="font-family:sans-serif;font-size:12.8px"><span style="font-family:sans-serif;font-size:12.8px">suggestions?</span><br><br><div data-smartmail="gmail_signature">--<br>Jaime Casanova<br>2ndQuadrant<br>Su diligente equipo de expertos en PostgreSQL</div></div>