Re: Add ldapservice connection parameter

From: Andrew Jackson <andrewjackson947(at)gmail(dot)com>
Sent: Monday, January 12, 2026 10:50
To: pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>
Subject: Add ldapservice connection parameter

Currently there exists, only in pg_service.conf, the ability to look
up connection parameters from a centralized LDAP server. This patch
expands the usability of this by allowing it to be specified directly in
a connection string instead of only in a pg_service.conf file.

Hi, Andrew,

I have one question, if LDAP has higher priority, we should put the its code to be before "service" logic, like:

+ if (ldapservice != NULL && strncmp(ldapservice, "ldap", 4) == 0) {
+ if (!ldapServiceLookup(ldapservice, options, errorMessage))
+ return 0; // return if LDAP processing succeeds.

/*
* We have to special-case the environment variable PGSERVICE here, since
* this is and should be called before inserting environment defaults for
* other connection options.
*/
if (service == NULL)
service = getenv("PGSERVICE");

/* If no service name given, nothing to do */
if (service == NULL)
return 0;

This will be consistent with how PG processes the pg_service.conf file.
See https://www.postgresql.org/docs/18/libpq-ldap.html
"Processing of pg_service.conf is terminated after a successful LDAP lookup, but is continued if the LDAP server cannot be contacted."

Thanks,
Steven