Home > mailing lists

Re: LDAP Authentication - Mailing list pgsql-general

From	Joseph Kregloh
Subject	Re: LDAP Authentication
Date	April 23, 2015 00:57:49
Msg-id	CAAW2xfdT9gQA1DaU_d3YmKd++rjdaHZZcwi5CnXX25Ew4RyKiA@mail.gmail.com Whole thread Raw
In response to	Re: LDAP Authentication (John R Pierce <pierce@hogranch.com>)
Responses	Re: LDAP Authentication (John R Pierce <pierce@hogranch.com>)
List	pgsql-general

Tree view

On Wed, Apr 22, 2015 at 5:30 PM, John R Pierce <pierce@hogranch.com> wrote:

On 4/22/2015 11:37 AM, Joseph Kregloh wrote:
I have successfully setup LDAP and setup simple authentication using simple bind. This was my test case. Now I need to move to the next lever which would be search and bind. This will allow me to grant access to particular servers for some people. I am not sure where or how the ldapsearchattibute comes into play.

you would do this by CREATE USER on the various servers for those people, along with GRANT. LDAP only provides authentication, it doesn't manage authorization.

I see. That would still require a manual process to create the user on each server. I was planing on using some already existing scripts to create the user automatically on all servers and then LDAP would authorize depending on attributes in their LDAP profile.

--
john r pierce, recycling bits in santa cruz

--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general

pgsql-general by date:

From: Steve Crawford
Date: 23 April 2015, 00:37:44
Subject: Re: ERROR: could not open relation with OID

From: John R Pierce
Date: 23 April 2015, 01:06:35
Subject: Re: LDAP Authentication

Re: LDAP Authentication - Mailing list pgsql-general

Previous

Next