From: | Olivier Nicole <Olivier(dot)Nicole(at)cs(dot)ait(dot)ac(dot)th> |
---|---|
To: | pgsql-admin(at)postgresql(dot)org |
Subject: | postgres 8.4 authentication with LDAP |
Date: | 2009-10-01 11:58:59 |
Message-ID: | 200910011158.n91Bwxkt040259@banyan.cs.ait.ac.th |
Lists: | pgsql-admin |
Hi,
I am new to Postgres, but not so new with LDAP.
I installed postgres 8.4 with ldap; from 'grep -y ldap config.log':
[...]
config.log:configure_args=' '\''--with-libraries=/usr/local/lib'\''
'\''--with-includes=/usr/local/include'\''
'\''--enable-thread-safety'\'' '\''--with-openssl'\''
'\''--with-pam'\'' '\''--with-ldap'\'' '\''--with-libxml'\''
'\''--enable-nls'\'' '\''--prefix=/usr/local'\''
'\''--mandir=/usr/local/man'\'' '\''--infodir=/usr/local/info/'\''
'\''--build=i386-portbld-freebsd7.2'\''
'\''build_alias=i386-portbld-freebsd7.2'\'' '\''CC=gcc'\''
'\''CFLAGS=-O2 -fno-strict-aliasing -pipe -O3 -funroll-loops
-DLDAP_DEPRECATED'\'' '\''LDFLAGS= -pthread
-rpath=/usr/lib:/usr/local/lib -L/usr/local/lib'\''
'\''CPPFLAGS=-I/usr/local/include'\'''
config.log:with_ldap='yes'
config.log:#define USE_LDAP 1
config.log:#define HAVE_LDAP_H 1
config.log:#define HAVE_LIBLDAP 1
config.log:#define HAVE_LIBLDAP_R 1
[...]
In pg_hba.conf I have the line (wrapped for email purpose, in the
file, it's a single line):
host all all 192.41.170.0/24 ldap
ldapserver=ldap.cs.ait.ac.th ldapport=636 ldapprefx="uid="
ldapsuffix=",ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th"
Postgres will not start and gives the error:
Oct 1 17:37:23 db2 postgres[28130]: [2-1] FATAL: could not load pg_hba.conf
If I use an authentication different than ldap, postgres starts
nicely.
The strange thing is that with tcpdump I don't see any traffic between
postgres and ldap server, not even the slightest beginning of a
connection.
What could be the cause?
Subsidiary questions regarding the configuration of ldap in postgres:
- most configuration I have set so far need to specify a version for
ldap, version 3, how to specify the version number?
- my ldap server supports SSL (ldaps://ldap.cs.ait.ac.th), but not
TLS, how can I configure that?
- each user in ldap has some attributes saying that he is allowed to
use one or the other service, how to set a filter in postgres
options to ldap?
Best regards,
Olivier
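
An added example, not part of the original message: a lint for the ldap line quoted above, checking its options against the names documented for the PostgreSQL 8.4 ldap method (ldapserver, ldapport, ldaptls, ldapprefix, ldapsuffix). The function name and the shlex-based tokenising are assumptions of this example, not PostgreSQL's own parser.

```python
import difflib
import shlex

# Assumption: the option names documented for the 8.4 "ldap" method.
LDAP_OPTIONS = ("ldapserver", "ldapport", "ldaptls", "ldapprefix", "ldapsuffix")


def lint_ldap_hba_line(line):
    """Return a list of problems in one pg_hba.conf line that uses ldap."""
    # shlex approximates pg_hba.conf quoting; it is not PostgreSQL's tokenizer.
    tokens = shlex.split(line, comments=True)
    if "ldap" not in tokens[3:]:
        return []  # not an ldap rule, nothing to check
    problems, seen = [], set()
    for tok in tokens[tokens.index("ldap", 3) + 1:]:
        name, sep, value = tok.partition("=")
        if not sep:
            problems.append(f"{tok!r} is not in name=value form")
        elif name not in LDAP_OPTIONS:
            near = difflib.get_close_matches(name, LDAP_OPTIONS, n=1)
            hint = f", did you mean {near[0]!r}?" if near else ""
            problems.append(f"unknown option {name!r}{hint}")
        elif name == "ldapport" and not value.isdigit():
            problems.append(f"ldapport must be a number, got {value!r}")
        seen.add(name)
    if "ldapserver" not in seen:
        problems.append("ldapserver is missing")
    return problems


if __name__ == "__main__":
    # The line as quoted in the message, joined back into a single line.
    quoted = ('host all all 192.41.170.0/24 ldap '
              'ldapserver=ldap.cs.ait.ac.th ldapport=636 ldapprefx="uid=" '
              'ldapsuffix=",ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th"')
    for problem in lint_ldap_hba_line(quoted):
        print(problem)
```

pg_hba.conf is parsed when the server starts, before any LDAP connection is attempted, so a line rejected at that stage produces no traffic to the LDAP server.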