Re: implement ldap authentication in PostgreSQL

Andreas Wenk schrieb:

mitra nazemian schrieb:

thanks
but I has read them. I dont understand where I shoud spacify the cn, dn  in postgresql too use them in pg_hba.conf.
please help me

On Mon, Jul 20, 2009 at 11:50 AM, Andreas Wenk <a.wenk@netzmeister-st-pauli.de <mailto:a.wenk@netzmeister-st-pauli.de>> wrote:

   mitra nazemian schrieb:

       hi,
       I want too implement ldap authentication in PostgreSQL in linux,
       but I cant.
       Please help me...
       Tanx

   Hi,

   first you should understand the basics of authentication in postgresql.

   http://www.postgresql.org/docs/current/static/client-authentication.html

   Then jump to this manual part:

   http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-LDAP

   Cheers

   Andy

   --     Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org
   <mailto:pgsql-admin@postgresql.org>)
   To make changes to your subscription:
   http://www.postgresql.org/mailpref/pgsql-admin

Hi ,

for postgresql versions 8.2, 8.3 use this in your pg_hba.conf:

host    all         all          127.0.0.1/32          ldap  / "ldap://your.domain.com/dc=company,dc=com;uid=;,ou=employees,dc=company,dc=com"

In postgresql 8.4 use this:

host    all         all         127.0.0.1/32          ldap ldapserver=your.domain.com / ldapprefix="uid=" ldapsuffix=",ou=employees,dc=company,dc=com"

This is not tested since I don't have ldap support in 8.4. But it's the way it works.

Everything is in one line. You have to set your.domain.com, company, com and employees.

A small hint - please don't forget to reply also to the list ...

Cheers

Andy

P.S.: As I am not a sysadmin, thanks for help goes to Andreas Putzo ;-)

just had a look to my reply and I saw everything in one line. So the / sign is just to mark a line break - just drop it ....

Cheers

Andy