psql: error: connection to server on socket "/tmp/.s.PGSQL.5432" failed: FATAL: role "user2" does not exist(psql:错误:无法通过套接字“/tmp/.s.PGSQL.5432”连接到服务器:严重错误:角色“user2”不存在)
[[["易于理解","easyToUnderstand","thumb-up"],["解决了我的问题","solvedMyProblem","thumb-up"],["其他","otherUp","thumb-up"]],[["很难理解","hardToUnderstand","thumb-down"],["信息或示例代码不正确","incorrectInformationOrSampleCode","thumb-down"],["没有我需要的信息/示例","missingTheInformationSamplesINeed","thumb-down"],["翻译问题","translationIssue","thumb-down"],["其他","otherDown","thumb-down"]],["最后更新时间 (UTC):2025-08-22。"],[],[],null,["# Troubleshoot Active Directory integration in AlloyDB Omni\n\nSelect a documentation version: 16.3.0keyboard_arrow_down\n\n- [Current (16.8.0)](/alloydb/omni/current/docs/troubleshoot-active-directory-integration)\n- [16.8.0](/alloydb/omni/16.8.0/docs/troubleshoot-active-directory-integration)\n- [16.3.0](/alloydb/omni/16.3.0/docs/troubleshoot-active-directory-integration)\n\n\u003cbr /\u003e\n\n|\n| **Preview\n| --- [AlloyDB Omni](/alloydb/omni/16.3.0/docs/overview)**\n|\n|\n| This feature is subject to the \"Pre-GA Offerings Terms\" in the General Service Terms section\n| of the [Service Specific Terms](/terms/service-terms#1).\n|\n| You can process personal data for this feature as outlined in the\n| [Cloud Data Processing\n| Addendum](/terms/data-processing-addendum), subject to the obligations and restrictions described in the agreement under\n| which you access Google Cloud.\n|\n| Pre-GA features are available \"as is\" and might have limited support.\n|\n| For more information, see the\n| [launch stage descriptions](/products#product-launch-stages).\n\nThis document describes errors you might encounter when you integrate Active\nDirectory in AlloyDB Omni. Examples of errors and recommended\nfixes are also provided.\n\nActive Directory isn't working\n------------------------------\n\n**Description**\n\nActive Directory isn't working in AlloyDB Omni, which is caused\nby incorrect `pg_hba.conf` entries. If the entries that you added to the\n`pg_hba.conf` file aren't valid, AlloyDB for PostgreSQL ignores those entries. As a\nresult, the specified authentication mechanism won't work.\n\n**Recommended fix**\n\nTo view the error message, including information about how to resolve the issue,\nsign into `psql` and run the following command: \n\n docker exec -it alloydb_docs psql -h localhost -U postgres\n psql (16.3)\n Type \"help\" for help.\n postgres=# table pg_hba_file_rules ;\n rule_number | file_name | line_number | type | database | user_name | address | netmask | auth_method | options | error\n -------------+--------------------------------------+-------------+---------+----------+--------------------+-----------+-----------------------------------------+-------------+--------------------------+-----------------------------------------------------\n 1 | /var/lib/postgresql/data/pg_hba.conf | 1 | host | {all} | {alloydbadmin} | 127.0.0.1 | 255.255.255.255 | trust | |\n | /var/lib/postgresql/data/pg_hba.conf | 2 | hostssl | {all} | {alloydbadmin} | ::1 | ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff | trust | | hostssl record cannot match because SSL is disabled\n | /var/lib/postgresql/data/pg_hba.conf | 3 | hostssl | {all} | {alloydbpgbouncer} | 0.0.0.0 | 0.0.0.0 | cert | {clientcert=verify-full} | hostssl record cannot match because SSL is disabled\n | /var/lib/postgresql/data/pg_hba.conf | 4 | hostssl | {all} | {alloydbpgbouncer} | ::1 | ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff | cert | {clientcert=verify-full} | hostssl record cannot match because SSL is disabled\n | /var/lib/postgresql/data/pg_hba.conf | 5 | hostssl | {all} | {alloydbadmin} | all | | reject | | hostssl record cannot match because SSL is disabled\n | /var/lib/postgresql/data/pg_hba.conf | 6 | | | | | | | | invalid CIDR mask in address \"0.0.0.0/1000\"\n 2 | /var/lib/postgresql/data/pg_hba.conf | 7 | local | {all} | {all} | | | trust | |\n\n| **Note:** For more information about this issue, open the `postgres.log` file.\n\npsql: error: connection to server on socket \"/tmp/.s.PGSQL.5432\" failed: FATAL: role \"user2\" does not exist\n-----------------------------------------------------------------------------------------------------------\n\n**Description**\n\nThis error occurs when a system user, who is trying to connect, doesn't have a\nPostgreSQL user created, or doesn't have a role mapped.\n\n**Recommended fix**\n\nCreate a role in PostgreSQL with the required username, or add an entry for this\nuser to the `pg_ident.conf` file. \n\n psql (16.3)\n Type \"help\" for help.\n\n postgres=# CREATE ROLE user2 WITH LOGIN;\n CREATE ROLE\n\nServer restart fails with error: \"could not load /var/lib/postgresql/data/pg_hba.conf\"\"\n---------------------------------------------------------------------------------------\n\n**Description**\n\nThe server restart failed because the `pg_hba.conf` contains invalid entries.\n\n**Recommended fix**\n\nCheck the `pg_hba.conf` file for invalid entries.\n\nWhat's next\n-----------\n\n- [Integrate Active Directory with AlloyDB Omni](/alloydb/omni/16.3.0/docs/integrate-active-directory)"]]
