Re: implement ldap authentication in PostgreSQL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

hi,
thanks. I know that I shoud use it
host    all         all          127.0.0.1/32          ldap  / ldap://your.domain.com/dc=company,dc=com;uid=;,ou=employees,dc=company,dc=com
in pg_hba.conf. I have a basic problem. I am new in PostgreSQL and linux.
I dont know where I shoud define dc, ou and my domain.
thanks in advance.


 
On Tue, Jul 21, 2009 at 10:38 AM, Andreas Wenk <a.wenk@xxxxxxxxxxxxxxxxxxxxxxx> wrote:
Andreas Wenk schrieb:

mitra nazemian schrieb:
thanks
but I has read them. I dont understand where I shoud spacify the cn, dn  in postgresql too use them in pg_hba.conf.
please help me

On Mon, Jul 20, 2009 at 11:50 AM, Andreas Wenk <a.wenk@xxxxxxxxxxxxxxxxxxxxxxx <mailto:a.wenk@xxxxxxxxxxxxxxxxxxxxxxx>> wrote:

   mitra nazemian schrieb:

       hi,
       I want too implement ldap authentication in PostgreSQL in linux,
       but I cant.
       Please help me...
       Tanx

   Hi,

   first you should understand the basics of authentication in postgresql.

   http://www.postgresql.org/docs/current/static/client-authentication.html

   Then jump to this manual part:

   http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-LDAP

   Cheers

   Andy

   --     Sent via pgsql-admin mailing list (pgsql-admin@xxxxxxxxxxxxxx
   <mailto:pgsql-admin@xxxxxxxxxxxxxx>)
   To make changes to your subscription:
   http://www.postgresql.org/mailpref/pgsql-admin

Hi ,

for postgresql versions 8.2, 8.3 use this in your pg_hba.conf:

host    all         all          127.0.0.1/32          ldap  / "ldap://your.domain.com/dc=company,dc=com;uid=;,ou=employees,dc=company,dc=com"

In postgresql 8.4 use this:

host    all         all         127.0.0.1/32          ldap ldapserver=your.domain.com / ldapprefix="uid=" ldapsuffix=",ou=employees,dc=company,dc=com"

This is not tested since I don't have ldap support in 8.4. But it's the way it works.

Everything is in one line. You have to set your.domain.com, company, com and employees.

A small hint - please don't forget to reply also to the list ...

Cheers

Andy

P.S.: As I am not a sysadmin, thanks for help goes to Andreas Putzo ;-)

just had a look to my reply and I saw everything in one line. So the / sign is just to mark a line break - just drop it ....

Cheers

Andy

[Index of Archives]     [KVM ARM]     [KVM ia64]     [KVM ppc]     [Virtualization Tools]     [Spice Development]     [Libvirt]     [Libvirt Users]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite Questions]     [Linux Kernel]     [Linux SCSI]     [XFree86]

  Powered by Linux