| Hi Roger, Here is the high level process: 1- Create the user x without password in Postgres. 2- Assign role or roles to the user x 3- Update pg_hba.conf with the ldap connection link.
You might need cert for the ldap to connect to AD, assuming you are using AD.
Regards, Emile On 21 Aug 2023, at 10:42, Roger Tannous <roger.tannous@xxxxxxxxx> wrote:
Hello,
In section 21.10 LDAP Authentication of the documentation, it says that the DB user must already exist in the database before LDAP can be used for authentication.
I'm checking the possibility to use LDAP Authentication with Postgres, but I'm confused about the user creation that must be initially done regarding the value of the password.
Suppose I create user_x with pass_x, this user will be able to connect to the DB using these credentials and, of course, depending on the role assigned to them.
But once I configure LDAP authentication on the database server, user_x has to connect to the database according to whatever is set up in LDAP, and the initially configured password becomes obsolete ? Is that correct ?
Thank you in advance,
Roger
|
