On Fri, Dec 10, 2004 at 20:50:56 -0500,
Ron Peterson <rpeterso@mtholyoke.edu> wrote:
> On Fri, Dec 10, 2004 at 03:20:50PM -0500, Ron Peterson wrote:
>
> > Sometimes, however, I would like to create an account in PostgreSQL
> > which I do not want to also maintain in LDAP. Is it possible to
> > configure authentication to fall through to a different method?
>
> I suppose the right thing to do is either
>
> * don't be lazy, and update my LDAP maintainance to include the
> required accounts, or
>
> * fall through in pam. Is there anything similar in concept to
> libpam-pgsql, but which simply authenticates against PostgreSQL's
> built-in authentication mechanism?
You can put per user exceptions first in your pg_hba.conf file. That way
these people will be handled by those rules, but other users can be
authenticated using pam.