Skip site navigation (1) Skip section navigation (2)

Re: implement ldap authentication in PostgreSQL

From: mitra nazemian <nazemian(dot)mitra(at)gmail(dot)com>
To: Andreas Wenk <a(dot)wenk(at)netzmeister-st-pauli(dot)de>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: implement ldap authentication in PostgreSQL
Date: 2009-07-22 08:47:08
Message-ID: ab8b7fb10907220147hf603b48m2a79ed6907b8d914@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-admin
Oh. ok, thanks.
but can you suggest me a book to get some info about LDAP and how to use it.
I am in hurry.
I am in a hurry for it.

Thanks
-Mitra

On Wed, Jul 22, 2009 at 8:39 AM, Andreas Wenk <
a(dot)wenk(at)netzmeister-st-pauli(dot)de> wrote:

> mitra nazemian schrieb:
>
>> hi,
>> thanks. I know that I shoud use it
>> host    all         all          127.0.0.1/32 <http://127.0.0.1/32>
>>   ldap  / ldap:// <ldap://your.domain.com/dc=company,dc=com;uid=
>> ;,ou=employees,dc=company,dc=com>your.domain.com/dc=company,dc=com;uid= <
>> http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com
>>
>> in pg_hba.conf. I have a basic problem. I am new in PostgreSQL and linux.
>> I dont know where I shoud define dc, ou and my domain.
>> thanks in advance.
>>
>
> ok - I think you should first get some info about LDAP and how to use it.
> What I've shown is the way you can handle a ldap authentication and that's
> it what you can do or have to set up in postgresql's pg_hba.conf. The rest
> is not related to postgresql at all (setting up a directory in ldap and so
> on).
>
> Cheers
>
> Andy
>
>    On Tue, Jul 21, 2009 at 10:38 AM, Andreas Wenk <
>> a(dot)wenk(at)netzmeister-st-pauli(dot)de <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>
>> wrote:
>>
>>    Andreas Wenk schrieb:
>>
>>        mitra nazemian schrieb:
>>
>>            thanks
>>            but I has read them. I dont understand where I shoud spacify
>>            the cn, dn  in postgresql too use them in pg_hba.conf.
>>            please help me
>>
>>            On Mon, Jul 20, 2009 at 11:50 AM, Andreas Wenk
>>            <a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>
>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>> wrote:
>>
>>               mitra nazemian schrieb:
>>
>>                   hi,
>>                   I want too implement ldap authentication in
>>            PostgreSQL in linux,
>>                   but I cant.
>>                   Please help me...
>>                   Tanx
>>
>>               Hi,
>>
>>               first you should understand the basics of authentication
>>            in postgresql.
>>
>>
>> http://www.postgresql.org/docs/current/static/client-authentication.html
>>
>>               Then jump to this manual part:
>>
>>
>> http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-LDAP
>>
>>               Cheers
>>
>>               Andy
>>
>>               --     Sent via pgsql-admin mailing list
>>            (pgsql-admin(at)postgresql(dot)org <mailto:pgsql-admin(at)postgresql(dot)org
>> >
>>               <mailto:pgsql-admin(at)postgresql(dot)org
>>            <mailto:pgsql-admin(at)postgresql(dot)org>>)
>>               To make changes to your subscription:
>>               http://www.postgresql.org/mailpref/pgsql-admin
>>
>>
>>        Hi ,
>>
>>        for postgresql versions 8.2, 8.3 use this in your pg_hba.conf:
>>
>>        host    all         all          127.0.0.1/32
>>        <http://127.0.0.1/32>          ldap  /
>>        "ldap://your.domain.com/dc=company,dc=com;uid=
>>        <http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com"
>>
>>
>>
>>        In postgresql 8.4 use this:
>>
>>        host    all         all         127.0.0.1/32
>>        <http://127.0.0.1/32>          ldap ldapserver=your.domain.com
>>        <http://your.domain.com/> / ldapprefix="uid="
>>        ldapsuffix=",ou=employees,dc=company,dc=com"
>>
>>        This is not tested since I don't have ldap support in 8.4. But
>>        it's the way it works.
>>
>>        Everything is in one line. You have to set your.domain.com
>>        <http://your.domain.com/>, company, com and employees.
>>
>>        A small hint - please don't forget to reply also to the list ...
>>
>>        Cheers
>>
>>        Andy
>>
>>        P.S.: As I am not a sysadmin, thanks for help goes to Andreas
>>        Putzo ;-)
>>
>>
>>    just had a look to my reply and I saw everything in one line. So the
>>    / sign is just to mark a line break - just drop it ....
>>
>>    Cheers
>>
>>    Andy
>>
>>
>>

In response to

Responses

pgsql-admin by date

Next:From: mitra nazemianDate: 2009-07-22 09:01:38
Subject: Re: implement ldap authentication in PostgreSQL
Previous:From: rahimeh khodadadiDate: 2009-07-22 08:40:08
Subject: complie postgresql with kerberos in centos

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group