Force pg_hba.conf user with LDAP

From: Joseph Kregloh <jkregloh(at)sproutloud(dot)com>
To: pgsql-general <pgsql-general(at)postgresql(dot)org>
Subject: Force pg_hba.conf user with LDAP
Date: 2016-08-01 18:40:07
Message-ID: CAAW2xfcZjTD6pzkvE1MhQD9-FEax5KXiGvk=KBeii45xH5OYoA@mail.gmail.com
Lists: pgsql-general

Hi,

Is there a way to force the user being sent to LDAP?

For example I have the following entry in my pg_hba.conf file:
host apdb apuser 10.0.20.1/22 ldap ldapserver="389-ds1.sl.com:389" ldapbasedn="dc=sl,dc=com"

- I will be connecting as apuser.
- I will supply my own user's password.

When PostgreSQL does the authentication I would like it to replace apuser
with jkregloh.

The reason why I want to do this is to limit power granted to a user. For
example I want to be able to use my regular user jkregloh for everyday
things. But when I need super user actions I will log in using apuser. Now
this is easy enough to do without LDAP. But if I disable my user via LDAP
it would remove access from both my regular user and my superuser, that's
the functionality I am looking for.

I am pretty sure this is not possible, but I am floating the question
anyways in hope of suggestions.

-Joseph
