Thread: Postgres 9.0 + LDAP

Postgres 9.0 + LDAP

From: Vinzenz Bildstein

Hi,

I'm trying to get my database to use LDAP for authentication but
whenever I'm adding anything LDAP-related to pg_hba.conf, postgres won't
start properly but shuts down silently without any error messages. Even
using the -d flag doesn't help to get any useful error output.
Since I don't know much about LDAP (and I'm using an existing LDAP server
to which I don't have any direct access), I can't figure out whether
this is a general problem or just a configuration issue by me using the
wrong options for LDAP.
Right now the line I would add to the pg_hba.conf would look something
like this:
host database all CIDR ldap ldapserver=my.domain.com
ldapbasedn="dc=my,dc=domain,dc=com" ldapprefix="cn=ldap,cn=users"
ldapsuffix="dc=my,dc=domain,dc=com"

The parameters are taken from the (working) /etc/ldap.conf but I've also
tried other combinations/parameters (too many to list here). I've also
tried to find more information on how to use LDAP with postgres, but nobody
seemed to have the problem of postgres not starting at all (btw the same
happens if I enter any other random text into pg_hba.conf). I've also
re-compiled postgres from source (instead of using an rpm) to make sure
the ldap support is enabled but to no avail.

So could anybody help me with this problem or point me to more
documentation or just how to get more error messages from postgres?

Thanks,

Vinzenz

Re: Postgres 9.0 + LDAP

From: Sim Zacks

On 04/13/2011 03:36 AM, Vinzenz Bildstein wrote:
> Right now the line I would add to the pg_hba.conf would look something
> like this:
> host database all CIDR ldap ldapserver=my.domain.com
> ldapbasedn="dc=my,dc=domain,dc=com" ldapprefix="cn=ldap,cn=users"
> ldapsuffix="dc=my,dc=domain,dc=com"
>
You need to include the user name field.
Mine looks like:
  ldap ldapserver=my-ldap-server.domain.local ldapprefix="uid="
ldapsuffix=",ou=Users,dc=domain,dc=local"

Where the authentication would generally look like:
uid=sim,ou=Users,dc=domain,dc=local

Sim
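
Added example, not part of the original thread or of PostgreSQL: a small Python check that parses the LDAP options of a pg_hba.conf record and builds the bind DN the way the reply describes (ldapprefix + user name + ldapsuffix). The function names and the two prefix/suffix heuristics are assumptions of this example; the option groups follow the PostgreSQL documentation, which treats simple bind and search+bind as separate modes that must not be mixed.

```python
import shlex

# Option names as listed in the PostgreSQL LDAP authentication documentation.
SIMPLE_BIND = {"ldapprefix", "ldapsuffix"}
SEARCH_BIND = {"ldapbasedn", "ldapbinddn", "ldapbindpasswd", "ldapsearchattribute"}

# The two records from this thread, with the mail-wrapped lines joined.
QUESTION_LINE = ('host database all CIDR ldap ldapserver=my.domain.com '
                 'ldapbasedn="dc=my,dc=domain,dc=com" ldapprefix="cn=ldap,cn=users" '
                 'ldapsuffix="dc=my,dc=domain,dc=com"')
REPLY_LINE = ('ldap ldapserver=my-ldap-server.domain.local ldapprefix="uid=" '
              'ldapsuffix=",ou=Users,dc=domain,dc=local"')


def parse_ldap_options(hba_line):
    """Return the name=value options that follow the 'ldap' method keyword."""
    tokens = shlex.split(hba_line)  # strips the double quotes around values
    if "ldap" not in tokens:
        raise ValueError("no ldap method in this record")
    opts = {}
    for tok in tokens[tokens.index("ldap") + 1:]:
        name, sep, value = tok.partition("=")
        if not sep:
            raise ValueError("option without '=': %r" % tok)
        opts[name] = value
    return opts


def check_ldap_record(hba_line, username):
    """Return (problems, bind_dn); bind_dn is None when no simple-bind option is set."""
    opts = parse_ldap_options(hba_line)
    problems = []
    if "ldapserver" not in opts:
        problems.append("ldapserver is missing")
    simple = sorted(SIMPLE_BIND & opts.keys())
    search = sorted(SEARCH_BIND & opts.keys())
    if simple and search:
        problems.append("mixes simple-bind %s with search+bind %s" % (simple, search))
    if not simple:
        return problems, None
    prefix, suffix = opts.get("ldapprefix", ""), opts.get("ldapsuffix", "")
    # Heuristics (assumptions of this example, not PostgreSQL checks):
    if prefix and not prefix.endswith("="):
        problems.append("ldapprefix does not end in '=', so the user name extends an existing value")
    if suffix and not suffix.startswith(","):
        problems.append("ldapsuffix does not start with ',', so it runs into the user name")
    # Simple bind: the DN is prefix + user name + suffix, concatenated verbatim.
    return problems, prefix + username + suffix
```

Running check_ldap_record(REPLY_LINE, "sim") gives the DN shown in the reply with no problems; the record from the question yields three problems and a DN in which the user name is glued between "cn=users" and "dc=my".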