| From: | Sim Zacks <sim(at)compulab(dot)co(dot)il> |
|---|---|
| To: | PostgreSQL general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: ldap authentication multiple ou objects |
| Date: | 2011-02-24 11:35:38 |
| Message-ID: | 4D66428A.4010102@compulab.co.il |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On 02/23/2011 10:27 PM, Magnus Hagander wrote:
> On Wed, Feb 23, 2011 at 11:43, Sim Zacks<sim(at)compulab(dot)co(dot)il> wrote:
>> Is there a way to do ldap authentication in pg_hba on a structure that has
>> multiple ou objects?
>>
>> Lets say I have an ou=Users and then an ou per dept.
>>
>> I want the ldap to do authentication no matter which ou the user is in.
>>
>>
>> My current ldap string is:
>>
>> ldap://ldap.server.local/Users;uid=;,ou=Users,dc=server,dc=local
>>
>> and it works if the user is only in the ou=Users but if he is in any sub ou
>> it gives authentication failed.
> Yes, if you use the search+bind mode you can search across a
> hierarchy. See http://www.postgresql.org/docs/9.0/static/auth-methods.html#AUTH-LDAP,
> look under "search+bind".
I guess that's new in 9.0 We're still stuck in 8.2land for the time being.
Thanks
Sim
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Linas Virbalas | 2011-02-24 12:39:02 | Re: Mysql to Postgresql |
| Previous Message | Ahmed Shinwari | 2011-02-24 10:37:49 | Re: "could not accept SSPI security context" |