pg_hba LDAP Authentication syntax
Howdy,
I was hoping someone could help me with ye olde ldap authentication syntax.
I'm currently using PG 8.3.9 and an upgrade is not an option.
Now, that being said, since i'm very new to LDAP i decided to use PG 9 to experiment with
since it looks like it has an easier syntax.
So what i've got working in PG9 is the following:
<hba stuff> ldap ldapserver=w.x.y.z ldapbinddn="cn=admin,dc=domain,dc=com" ldapbindpasswd="password"
ldapbasedn="ou=postgresql,dc=domain,dc=com"
I'm trying to translate that to the old syntax of:
<hba stuff> ldap "ldap://w.x.y.z/ou=postgresql,dc=domain,dc=com;<stuff>"
basically, i don't know how to fit cn=admin and ldapbindpassword into that string.
Thanks
Dave
On Thu, Nov 4, 2010 at 13:54, David Kerr <dmk@mr-paradox.net> wrote:
Howdy,
I was hoping someone could help me with ye olde ldap authentication syntax.
I'm currently using PG 8.3.9 and an upgrade is not an option.
Now, that being said, since i'm very new to LDAP i decided to use PG 9 to experiment with
since it looks like it has an easier syntax.So what i've got working in PG9 is the following:
<hba stuff> ldap ldapserver=w.x.y.z ldapbinddn="cn=admin,dc=domain,dc=com" ldapbindpasswd="password"
ldapbasedn="ou=postgresql,dc=domain,dc=com"I'm trying to translate that to the old syntax of:
<hba stuff> ldap "ldap://w.x.y.z/ou=postgresql,dc=domain,dc=com;<stuff>"basically, i don't know how to fit cn=admin and ldapbindpassword into that string.
The search+bind feature is not available on 8.3 - it's a new feature in 9.0.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
On Thu, Nov 04, 2010 at 02:07:29PM -0700, Magnus Hagander wrote:
- >
- > I'm trying to translate that to the old syntax of:
- > <hba stuff> � � ldap "ldap://w.x.y.z/ou=postgresql,dc=domain,dc=com;<stuff>"
- >
- > basically, i don't know how to fit cn=admin and ldapbindpassword into that string.
-
- The search+bind feature is not available on 8.3 - it's a new feature in 9.0.
Not 8.4?
http://www.postgresql.org/docs/8.4/interactive/auth-methods.html
Dave
On Thu, Nov 4, 2010 at 15:30, David Kerr <dmk@mr-paradox.net> wrote:
On Thu, Nov 04, 2010 at 02:07:29PM -0700, Magnus Hagander wrote:
- >
- > I'm trying to translate that to the old syntax of:
- > <hba stuff> ldap "ldap://w.x.y.z/ou=postgresql,dc=domain,dc=com;<stuff>"
- >
- > basically, i don't know how to fit cn=admin and ldapbindpassword into that string.
-
- The search+bind feature is not available on 8.3 - it's a new feature in 9.0.Not 8.4?
http://www.postgresql.org/docs/8.4/interactive/auth-methods.html
No. 8.4 had only the prefix/suffix method, the search/bind method was
added in 9.0.That's why the parameters for search/bind don't exist in
8.4.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
On Thu, Nov 04, 2010 at 03:35:11PM -0700, Magnus Hagander wrote:
- On Thu, Nov 4, 2010 at 15:30, David Kerr <dmk@mr-paradox.net> wrote:
- > On Thu, Nov 04, 2010 at 02:07:29PM -0700, Magnus Hagander wrote:
- > - >
- > - > I'm trying to translate that to the old syntax of:
- > - > <hba stuff> � � ldap "ldap://w.x.y.z/ou=postgresql,dc=domain,dc=com;<stuff>"
- > - >
- > - > basically, i don't know how to fit cn=admin and ldapbindpassword into that string.
- > -
- > - The search+bind feature is not available on 8.3 - it's a new feature in 9.0.
- >
- > Not 8.4?
- > http://www.postgresql.org/docs/8.4/interactive/auth-methods.html
- >
-
- No. 8.4 had only the prefix/suffix method, the search/bind method was
- added in 9.0.That's why the parameters for search/bind don't exist in
- 8.4.
Ok thanks.
Dave