Skip site navigation (1) Skip section navigation (2)

Re: implement ldap authentication in PostgreSQL

From: mitra nazemian <nazemian(dot)mitra(at)gmail(dot)com>
To: Andreas Wenk <a(dot)wenk(at)netzmeister-st-pauli(dot)de>
Cc: pgsql-admin(at)postgresql(dot)org
Subject: Re: implement ldap authentication in PostgreSQL
Date: 2009-07-22 09:01:38
Message-ID: ab8b7fb10907220201r141ae855ra42eec50ecbc2dbe@mail.gmail.com (view raw or flat)
Thread:
Lists: pgsql-admin
Excuse me, I have another question.
should I run ldapserver in linux for using ldap autentication in PostgreSQL?
Thanks

On Wed, Jul 22, 2009 at 8:47 AM, mitra nazemian <nazemian(dot)mitra(at)gmail(dot)com>wrote:

>
> Oh. ok, thanks.
> but can you suggest me a book to get some info about LDAP and how to use
> it. I am in hurry.
> I am in a hurry for it.
>
> Thanks
> -Mitra
>
>   On Wed, Jul 22, 2009 at 8:39 AM, Andreas Wenk <
> a(dot)wenk(at)netzmeister-st-pauli(dot)de> wrote:
>
>> mitra nazemian schrieb:
>>
>>> hi,
>>> thanks. I know that I shoud use it
>>> host    all         all          127.0.0.1/32 <http://127.0.0.1/32>
>>>     ldap  / ldap:// <ldap://your.domain.com/dc=company,dc=com;uid=
>>> ;,ou=employees,dc=company,dc=com>your.domain.com/dc=company,dc=com;uid=<
>>> http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com
>>>
>>> in pg_hba.conf. I have a basic problem. I am new in PostgreSQL and linux.
>>> I dont know where I shoud define dc, ou and my domain.
>>> thanks in advance.
>>>
>>
>> ok - I think you should first get some info about LDAP and how to use it.
>> What I've shown is the way you can handle a ldap authentication and that's
>> it what you can do or have to set up in postgresql's pg_hba.conf. The rest
>> is not related to postgresql at all (setting up a directory in ldap and so
>> on).
>>
>> Cheers
>>
>> Andy
>>
>>    On Tue, Jul 21, 2009 at 10:38 AM, Andreas Wenk <
>>> a(dot)wenk(at)netzmeister-st-pauli(dot)de <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>
>>> wrote:
>>>
>>>    Andreas Wenk schrieb:
>>>
>>>        mitra nazemian schrieb:
>>>
>>>            thanks
>>>            but I has read them. I dont understand where I shoud spacify
>>>            the cn, dn  in postgresql too use them in pg_hba.conf.
>>>            please help me
>>>
>>>            On Mon, Jul 20, 2009 at 11:50 AM, Andreas Wenk
>>>            <a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>
>>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>>            <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>> wrote:
>>>
>>>               mitra nazemian schrieb:
>>>
>>>                   hi,
>>>                   I want too implement ldap authentication in
>>>            PostgreSQL in linux,
>>>                   but I cant.
>>>                   Please help me...
>>>                   Tanx
>>>
>>>               Hi,
>>>
>>>               first you should understand the basics of authentication
>>>            in postgresql.
>>>
>>>
>>> http://www.postgresql.org/docs/current/static/client-authentication.html
>>>
>>>               Then jump to this manual part:
>>>
>>>
>>> http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-LDAP
>>>
>>>               Cheers
>>>
>>>               Andy
>>>
>>>               --     Sent via pgsql-admin mailing list
>>>            (pgsql-admin(at)postgresql(dot)org <mailto:
>>> pgsql-admin(at)postgresql(dot)org>
>>>               <mailto:pgsql-admin(at)postgresql(dot)org
>>>            <mailto:pgsql-admin(at)postgresql(dot)org>>)
>>>               To make changes to your subscription:
>>>               http://www.postgresql.org/mailpref/pgsql-admin
>>>
>>>
>>>        Hi ,
>>>
>>>        for postgresql versions 8.2, 8.3 use this in your pg_hba.conf:
>>>
>>>        host    all         all          127.0.0.1/32
>>>        <http://127.0.0.1/32>          ldap  /
>>>        "ldap://your.domain.com/dc=company,dc=com;uid=
>>>        <http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com"
>>>
>>>
>>>
>>>        In postgresql 8.4 use this:
>>>
>>>        host    all         all         127.0.0.1/32
>>>        <http://127.0.0.1/32>          ldap ldapserver=your.domain.com
>>>        <http://your.domain.com/> / ldapprefix="uid="
>>>        ldapsuffix=",ou=employees,dc=company,dc=com"
>>>
>>>        This is not tested since I don't have ldap support in 8.4. But
>>>        it's the way it works.
>>>
>>>        Everything is in one line. You have to set your.domain.com
>>>        <http://your.domain.com/>, company, com and employees.
>>>
>>>        A small hint - please don't forget to reply also to the list ...
>>>
>>>        Cheers
>>>
>>>        Andy
>>>
>>>        P.S.: As I am not a sysadmin, thanks for help goes to Andreas
>>>        Putzo ;-)
>>>
>>>
>>>    just had a look to my reply and I saw everything in one line. So the
>>>    / sign is just to mark a line break - just drop it ....
>>>
>>>    Cheers
>>>
>>>    Andy
>>>
>>>
>>>
>

In response to

Responses

pgsql-admin by date

Next:From: Andreas WenkDate: 2009-07-22 09:24:54
Subject: Re: implement ldap authentication in PostgreSQL
Previous:From: mitra nazemianDate: 2009-07-22 08:47:08
Subject: Re: implement ldap authentication in PostgreSQL

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group