When trying to connect to my postgres server in Azure from psql client, I get the following error, even though I am using the correct username. How can I fix this?
psql: FATAL: Invalid Username specified. Please check the Username and retry connection. The Username should be in <username#hostname> format.
As noted in the error text, you are required to follow the <username#hostname> format when trying to connect to postgresql server, whether you are doing it from psql client or using pgadmin. Using <username#hostname> format instead of just <username> should get rid of the error.
Read the quick-start documents for Azure portal and CLI to understand more about how to create and configure your postgres server.
The # sign in username works fine for objects but not connect strings. According to URI RFC-3986 username allows hex encoding. So replace the # with %40. user#host:pw#fullhost becomes user%40host:pw#fullhost
Related
I'm using pg-promise in a typescript express app.
I can log on to psql by just typing psql because the linux username is the same as the database name and I'm set to use peer authentication.
I can't seem to get pg-promise to let me do this - it always fails and gives an error that password authentication failed.
I've been looking at the pgpromise docs but can't find anything - I've tried all sorts of connection strings.
I managed to make this work for me by using a Unix Domain Socket instead of a TCP socket and connecting using a connection string.
So my connection looks like this const db = pgp('socket:/var/run/postgresql'); but presumably the /var/run/postgresql could vary by system.
I connect to my PostgreSQL databases (which run on AWS EC2 instances) using certificate authentication (and not passwords). An example of a psql command I would use to connect to one of my databases is:
psql "host=<AWS EC2 instance> user=<db user> sslcert=<path to .crt> sslkey=<path to .key> sslrootcert=<path to .crt> sslmode=require dbname=<db name>"
I would like to be able to connect Tableau Desktop to one of my databases. The standard PostgreSQL connector does not allow me to specify which SSL certs to use (but it does have a Require SSL checkbox - which I think is for encryption not authentication).
So I have tried to use the ODBC connector. I make the following entries:
Connect Using
Driver: PostgreSQL Unicode
Connection Attributes
Server: <AWS EC2 instance>
Port: 5432
Database: <db name>
Username: <db user>
String Extras: sslcert=<path to .crt>; sslkey=<path to .key>; sslrootcert=<path to .crt>; sslmode=require
By much trial and error I think the String Extras require a semicolon as a delimiter, but I still cannot connect. I get the error message:
An error occurred while communicating with Other Databases (ODBC).
Unable to connect to the server. Check that the server is running and that you have access privileges to the requested database.
FATAL: connection requires a valid client certificate
Generic ODBC requires additional configuration. The driver and DSN (data source name) must be installed and configured to match the connection.
Unable to connect to the server "<AWS EC2 instance>" using the driver "PostgreSQL Unicode". Check that the server is running and that you have access privileges to the requested database.
I would be really grateful to hear from anyone who has connected Tableau Desktop to PostgreSQL using certificate authentication and could tell me what I’m doing wrong. Cheers!
I managed to fix this myself, and just in case there's someone out there who might be vaguely interested I'll go through the salient features:
1. Created a DSN (Data Store Name)
This made testing much easier rather than constantly retyping details into dialog boxes.
Rather than create manually I used this: http://www.odbcmanager.net/
On Mac OS I had to run it as sudo from the terminal or it wouldn't create anything.
I created a User DSN, which on my Mac have details stored in /Users/<user name>/.odbc.ini
It picked up the PostgreSQL Unicode driver that I'd previously installed. On Mac OS you might need to do brew install brew install psqlodbc and/or brew install unixodbc
Most of the configuration was specified by adding key/value pairs e.g. DBNAME <db name>
Set SSLMODE verify-ca (changed from require to make behaviour specific - psql assumes verify-ca/verify-full if SSL certs are supplied)
The cert paths are set with key Pqopt, value sslcert=<path to .crt> sslkey=<path to .key> sslrootcert=<path to .crt>. Must be lower case and only spaces between entries!
Here's what it added to my user's odbc.ini file:
[<DSN name>]
Driver = <path to driver, this was mine /usr/local/lib/psqlodbcw.so>
Description = <description>
SSLMODE = verify-ca
HOST = <host>
DBNAME = <database>
PORT = 5432
UID = <db user>
Pqopt = sslcert=<path to .crt> sslkey=<path to .key> sslrootcert=<path to .crt>
2. Tableau Desktop Connection
Select Other Database (ODBC) connector.
Select the DSN you created previously (it should be automatically picked up), it will automatically populate host, port, db and user fields, then click Sign In.
Once signed in behaviour was slightly different to the dedicated PostgreSQL connector. Tables did not appear on left-hand side initially. But they are accessible - they can all be displayed by clicking on the 'contains' radio button and searching with a blank name.
Hope this helps. Let me know if you've got any questions.
I created a new postgresql 11 database cluster. I wrote a simple CRUD script using SQLAlchemy to test the connection on localhost and get "user authentication failed" output from python.
I checked the pg_hba.conf file for the new cluster and it shows:
local all ian peer
Already checked pg_authid and pg_shadow which clearly shows md5 password assigned to the db owner "ian." Also, I have checked that the new cluster is running with pg_lsclusters and it shows it running on port 5433. Checked logs after connection attempts and get the following message:
2018-11-16 10:00:59.712 PST [2102] ian#iandb1 DETAIL: User "ian" has no password assigned.
Connection matched pg_hba.conf line 94: "host all all ::1/128 md5"
A little background: I have already connected this script to the default DB cluster owned by postgres. I can connect and perform the CRUD operations fine with the postgres username and password in the connection string.
Any help would be appreciated. I think there is some type of change I need to make, but can't imagine where it needs to happen. Still learning the ropes.
Ok, well I hope this post saves someone else a little frustration, immediately after submitting this question-- which had me stumped for several hours, I found this:
source: link to article
By default, when you create a PostgreSQL cluster, password authentication for the database superuser (“postgres”) is disabled. The simplest and safest way to add a password to the “postgres” user is to connect to the local server using “psql” (see steps #1 and #2 above), then type the “\password” meta command of psql. You will be asked to enter a password and confirm it.
postgres=# \password
Enter new password:
Enter it again:
postgres=#
I substituted my new cluster owner name 'ian' and assigned a password. I ran the script and everything seems to be working fine now. These are the little things new programmers have to struggle through I guess... Thanks to anyone who can add to my explanation here.
I'm trying to use azure PostgreSQL for CKAN (ckan.org)
CKAN is using http://www.sqlalchemy.org/ for database connection.
A connection string looks like this:
engine = create_engine('postgresql://scott:tiger#myhost.postgres.database.azure.com:5432/mydatabase')
syntax is:
postgresql://username:password#hostname:5432/databasename
When trying to connect to azure postgresql I get this error:
FATAL: Invalid Username specified. Please check the Username and
retry connection. The Username should be in username#hostname format.
If I try to use the username format like this:
postgresql://scott#myhost:tiger#myhost.postgres.database.azure.com:5432/mydatabase
Then I get:
invalid port number: "tiger#myhost.postgres.database.azure.com:5432"
Has anyone solved this?
The invalid port number is caused by the # in the user name.
The connection url should look like this:
postgresql://scott%40myhost:tiger#myhost.postgres.database.azure.com:5432/mydatabase
Extending Allan Kristensen's answer, you'll end up with problem if you're using the datastore extension (Bundled with CKAN Core).
Looking at the codebase of CKAN the problem is in https://github.com/ckan/ckan/blob/555e0960c43d0ca86066b1954e5c94aad565baa7/ckanext/datastore/backend/postgres.py#L1592 (or https://github.com/ckan/ckan/blob/ckan-2.6.4/ckanext/datastore/plugin.py#L200 if you're running 2.6.5 or less)
Thus, when CKAN queries the database with SELECT has_table_privilege('scott#myhost', '_foo', 'INSERT') it's fail, as there's no user named scott#myhost. Azure is doing something funky with the usernames, as if you ask the database to list the users, you'll see that the database thinks your username is scott (Atleast that's what it did for me...)
One possible, hackish, fix is:
sed -i '' 's/read_connection_user = sa_url.make_url(self.read_url).username/read_connection_user = split(sa_url.make_url(self.read_url).username, "#")[0]/' /srv/app/src/ckan/ckanext/datastore/plugin.py
sed -i '' 's/import sys/import sys\nfrom string import split/' /srv/app/src/ckan/ckanext/datastore/plugin.py
The above works for 2.6.5. Substitute the file path with /srv/app/src/ckanext/datastore/backend/postgres.py if you're running 2.7+
The above should work until upstream have found a proper fix.
I'm building a simple web app that will deploy on Heroku, and using a Postgres database that is filled with an object from Salesforce. I did that with HerokuConnect and that works.
Now I want to see the contents of the database so that I know the table names, and I already know you can't do that on Heroku itself. So, I tried to connect to the database locally via heroku pg:psql but everytime I do that I get the error:
---> Connecting to DATABASE_URL
DL is deprecated, please use Fiddle
psql: could not connect to server: Connection refused (0x0000274D/10061)
Is the server running on host "***.***.***.**" (**.***.***.***) and accepting
TCP/IP connections on port ****?
So that doesn't work. I tried the following but to no avail:
explicitly specifiying the name of the database
specifying host, user, database name, password, port and setting sslmode=require per the user guide and this question about connecting to a heroku postgresql database.
using the method above, but instead of using heroku psql I just used psql. That asked for a password but for a user I never created (a user with my corporate system name, because this is a corporate laptop)
reinstalling Postgres
Running heroku pg:info correctly lists my database information.
I am missing something, but I don't know what it is.
"DL is deprecated, please use Fiddle" is not an error but it's only a warning.
This is due to an issue with Ruby 2 on Windows.