Home > mailing lists

[ADMIN] Configuring LDAP in the pg_hba.conf file - Mailing list pgsql-admin

From	John Scalia
Subject	[ADMIN] Configuring LDAP in the pg_hba.conf file
Date	January 27, 2017 23:19:15
Msg-id	CABzCKRCa4eak2GAHoZrQft_iMvJ4CY1HaFY6YhbWxJMkODDB-g@mail.gmail.com Whole thread Raw
Responses	Re: [ADMIN] Configuring LDAP in the pg_hba.conf file (Scott Mead <scottm@openscg.com>)
List	pgsql-admin

Tree view

Hi all,

I've been slowly going nuts with trying to get LDAP authentication working. The following edited ldapsearch string works exactly as I need it:

ldapsearch -h ldap.example.com -b "dc=example,dc=com" -D "uid=pgsqlldap,cn=users,cn=accounts,dc=example,dc=com" "(&(uid=myuid)(memberOf=cn=pgsqlsandbox,cn=groups,cn=accounts,dc=example,dc=com))" -w current_password

but I can't seem to translate this into any form that will work in the pg_hba.conf file. I've tried setting the various parameters separately like ldapbinddn, ldapbindpasswd, etc., and I've tried setting ldap_prefix, ldap_suffix, etc., and I've also tried to set ldapurl, but something always seems broken.

Can anyone suggest a proper format for the pg_hba.conf line? I seem to be hung up on getting the search filter correct and I'd like to have postgresql substitute the user's id rather than hard coding one in here.

Thanks in advance,

Jay

pgsql-admin by date:

From: Ertan Küçükoğlu
Date: 27 January 2017, 18:51:46
Subject: Re: [ADMIN] Failed to set up event for socket: error code 10038

From: Scott Mead
Date: 27 January 2017, 23:33:17
Subject: Re: [ADMIN] Configuring LDAP in the pg_hba.conf file

[ADMIN] Configuring LDAP in the pg_hba.conf file - Mailing list pgsql-admin

Previous

Next