Re: LDAP service lookup

> I've just accidently stumbled upon
> http://www.postgresql.org/docs/8.2/static/libpq-ldap.html
> and thought "hey, this is what my friend, a huge BigRDBMS fan, was
> telling me about.
>
> Now that I've read it, I think it could be very useful in an
> enterpisish sort of way
> (addressing databases as "services" not as
> "host+port+database name"), and
> it could be used as an advocacy lever ("you think LDAP directory with
> DB-services
> is neat? PostgreSQL already has it").

I'm glad that *somebody* else appreciates it :^)

> Then again, apart from libpq I don't see it mentioned
> anywhere. I would like
> to have [1] a Setting-up-LDAP-for-PgSQL-HOWTO.

Being the author of the code, I'd be willing to compose one if
there is a demand.
I thought that the documentation you quoted above would be enough -
it has samples and everything.
What information is missing in your opinion?

> I would like to use it
> from DBD::Pg (I _guess_ its a matter of DBI->connect('dbi:Pg',
> 'service=foo', ...);,
> but its a wild guess). And I would like to use it from psql
> (this is a tricky
> part, since \c expects DBNAME, not a service name, and using both in
> this context would introduce ambiguity).

Good news - you can do all this.
Every client API and interface that uses libpq will be able to do
LDAP service lookup.

In 8.3 you will be able to say "psql service=myname", in 8.2 you
have to resort to "PGSERVICE=myname psql" because there is no
support for the service parameter.

Your DBD::Pg sample should work.

> Could anyone of you tell me about your setups if you use LDAP for
> this? How do you feel about it? Which LDAP server do you use?

We use Oracle's Internet Directory, but any LDAP server should do.
It's just a matter of organizing your databases in LDAP entries and
writing the corresponding LDAP searches into pg_service.conf.

The sample in the documentation works with standard LDAP objectclasses,
but you may want to use your own with more reasonable names.

Yours,
Laurenz Albe