Re: implement ldap authentication in PostgreSQL

Excuse me, I have another question.
should I run ldapserver in linux for using ldap autentication in PostgreSQL?
Thanks

On Wed, Jul 22, 2009 at 8:47 AM, mitra nazemian <nazemian(dot)mitra(at)gmail(dot)com>wrote:

>
> Oh. ok, thanks.
> but can you suggest me a book to get some info about LDAP and how to use
> it. I am in hurry.
> I am in a hurry for it.
>
> Thanks
> -Mitra
>
> On Wed, Jul 22, 2009 at 8:39 AM, Andreas Wenk <
> a(dot)wenk(at)netzmeister-st-pauli(dot)de> wrote:
>
>> mitra nazemian schrieb:
>>
>>> hi,
>>> thanks. I know that I shoud use it
>>> host all all 127.0.0.1/32 <http://127.0.0.1/32>
>>> ldap / ldap:// <ldap://your.domain.com/dc=company,dc=com;uid=
>>> ;,ou=employees,dc=company,dc=com>your.domain.com/dc=company,dc=com;uid=<
>>> http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com
>>>
>>> in pg_hba.conf. I have a basic problem. I am new in PostgreSQL and linux.
>>> I dont know where I shoud define dc, ou and my domain.
>>> thanks in advance.
>>>
>>
>> ok - I think you should first get some info about LDAP and how to use it.
>> What I've shown is the way you can handle a ldap authentication and that's
>> it what you can do or have to set up in postgresql's pg_hba.conf. The rest
>> is not related to postgresql at all (setting up a directory in ldap and so
>> on).
>>
>> Cheers
>>
>> Andy
>>
>> On Tue, Jul 21, 2009 at 10:38 AM, Andreas Wenk <
>>> a(dot)wenk(at)netzmeister-st-pauli(dot)de <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>
>>> wrote:
>>>
>>> Andreas Wenk schrieb:
>>>
>>> mitra nazemian schrieb:
>>>
>>> thanks
>>> but I has read them. I dont understand where I shoud spacify
>>> the cn, dn in postgresql too use them in pg_hba.conf.
>>> please help me
>>>
>>> On Mon, Jul 20, 2009 at 11:50 AM, Andreas Wenk
>>> <a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>> <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>
>>> <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de
>>> <mailto:a(dot)wenk(at)netzmeister-st-pauli(dot)de>>> wrote:
>>>
>>> mitra nazemian schrieb:
>>>
>>> hi,
>>> I want too implement ldap authentication in
>>> PostgreSQL in linux,
>>> but I cant.
>>> Please help me...
>>> Tanx
>>>
>>> Hi,
>>>
>>> first you should understand the basics of authentication
>>> in postgresql.
>>>
>>>
>>> http://www.postgresql.org/docs/current/static/client-authentication.html
>>>
>>> Then jump to this manual part:
>>>
>>>
>>> http://www.postgresql.org/docs/current/static/auth-methods.html#AUTH-LDAP
>>>
>>> Cheers
>>>
>>> Andy
>>>
>>> -- Sent via pgsql-admin mailing list
>>> (pgsql-admin(at)postgresql(dot)org <mailto:
>>> pgsql-admin(at)postgresql(dot)org>
>>> <mailto:pgsql-admin(at)postgresql(dot)org
>>> <mailto:pgsql-admin(at)postgresql(dot)org>>)
>>> To make changes to your subscription:
>>> http://www.postgresql.org/mailpref/pgsql-admin
>>>
>>>
>>> Hi ,
>>>
>>> for postgresql versions 8.2, 8.3 use this in your pg_hba.conf:
>>>
>>> host all all 127.0.0.1/32
>>> <http://127.0.0.1/32> ldap /
>>> "ldap://your.domain.com/dc=company,dc=com;uid=
>>> <http://your.domain.com/dc=company,dc=com;uid=>;,ou=employees,dc=company,dc=com"
>>>
>>>
>>>
>>> In postgresql 8.4 use this:
>>>
>>> host all all 127.0.0.1/32
>>> <http://127.0.0.1/32> ldap ldapserver=your.domain.com
>>> <http://your.domain.com/> / ldapprefix="uid="
>>> ldapsuffix=",ou=employees,dc=company,dc=com"
>>>
>>> This is not tested since I don't have ldap support in 8.4. But
>>> it's the way it works.
>>>
>>> Everything is in one line. You have to set your.domain.com
>>> <http://your.domain.com/>, company, com and employees.
>>>
>>> A small hint - please don't forget to reply also to the list ...
>>>
>>> Cheers
>>>
>>> Andy
>>>
>>> P.S.: As I am not a sysadmin, thanks for help goes to Andreas
>>> Putzo ;-)
>>>
>>>
>>> just had a look to my reply and I saw everything in one line. So the
>>> / sign is just to mark a line break - just drop it ....
>>>
>>> Cheers
>>>
>>> Andy
>>>
>>>
>>>
>