On Wed, Apr 22, 2015 at 5:30 PM, John R Pierce <pierce@xxxxxxxxxxxx> wrote:
On 4/22/2015 11:37 AM, Joseph Kregloh wrote:
I have successfully setup LDAP and setup simple authentication using simple bind. This was my test case. Now I need to move to the next lever which would be search and bind. This will allow me to grant access to particular servers for some people. I am not sure where or how the ldapsearchattibute comes into play.
you would do this by CREATE USER on the various servers for those people, along with GRANT. LDAP only provides authentication, it doesn't manage authorization.
I see. That would still require a manual process to create the user on each server. I was planing on using some already existing scripts to create the user automatically on all servers and then LDAP would authorize depending on attributes in their LDAP profile.
--
john r pierce, recycling bits in santa cruz
--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general