PAM authentication is not working for PostgreSQL on RHEL
Issue
- PostgreSQL is configured to use PAM with AD users, per How do I configure postgresql to use PAM for authentication on Red Hat Enterprise Linux?, but is failing with this error:
$ psql -U ADuser
Password for user ADuser:
psql: error: could not connect to server: could not initiate GSSAPI security context: Unspecified GSS failure. Minor code may provide more information
could not initiate GSSAPI security context: Server not found in Kerberos database
FATAL: PAM authentication failed for user "ADuser"
And /var/log/secure
shows that the auth
type pass, but account
type failed:
May 22 14:00:00 example journal[10000]: user1 postgres 10.0.0.1(10000) authentication: pam_sss(postgresql:auth): authentication success; logname= uid=1234567 euid=1234567 tty= ruser= rhost=10.0.0.1 user=user1
May 22 14:00:00 cvepdbd01 journal[10000]: user1 postgres 10.0.0.1(10000) authentication: pam_sss(postgresql:account): Access denied for user user1: 6 (Permission denied)
Environment
- RHEL 7
- RHEL 8
- Active Directory
- PostgreSQL
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.