Re: pg_hba.conf "authentication file token too long, skipping"

Поиск
Список
Период
Сортировка
От Tom Lane
Тема Re: pg_hba.conf "authentication file token too long, skipping"
Дата
Msg-id 1567990.1690217495@sss.pgh.pa.us
обсуждение исходный текст
Ответ на pg_hba.conf "authentication file token too long, skipping"  ("Zechman, Derek S" <Derek.S.Zechman@snapon.com>)
Ответы RE: pg_hba.conf "authentication file token too long, skipping"  ("Zechman, Derek S" <Derek.S.Zechman@snapon.com>)
Список pgsql-bugs
Дерево обсуждения 
"Zechman, Derek S" <Derek.S.Zechman@snapon.com> writes:
> hostssl all +fnc_personal_account_rl XXX.XX.X.X/16 ldap ldapserver=xxxx-xxxx-xx-xx.mydomainname.com
ldapbasedn="OU=Users,OU=Primary,OU=All,DC=mydomainname,DC=com"
ldapbinddn="CN=abc_postgres_sa,OU=T1-ServiceAccounts,OU=Tier1,OU=Admin,OU=All,DC=mydomainname,DC=com"
ldapbindpasswd="30characterpassword"
ldapsearchfilter="(&(objectClass=user)(sAMAccountName=$username)(|(memberof=CN=xxx,OU=Groups,OU=Primary,OU=All,DC=mydomainname,DC=com)(memberof=CN=XxxxxxXXXx,OU=Groups,OU=Primary,OU=All,DC=mydomainname,DC=com)(memberof=CN=xxxxxxxxxxxxxx,OU=Groups,OU=Primary,OU=All,DC=mydomainname,DC=com)))"

Yeah, your ldapsearchfilter option is hitting the 256-byte MAX_TOKEN
limit in hba.c.  A one-line improvement would be to increase that
constant, but it doesn't look very much harder to get rid of that
fixed-size buffer altogether in favor of a StringInfo.

            regards, tom lane

В списке pgsql-bugs по дате отправления:

Предыдущее
От: "Zechman, Derek S"
Дата:
Сообщение: pg_hba.conf "authentication file token too long, skipping"
Следующее
От: Andres Martin del Campo Campos
Дата:
Сообщение: Re: BUG #18027: Logical replication taking forever