From: | Joseph Kregloh <jkregloh(at)sproutloud(dot)com> |
---|---|
To: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
Subject: | LDAP Authentication |
Date: | 2015-04-22 18:37:37 |
Message-ID: | CAAW2xfeLtuCKo4q2iN1buD+2wLOy8aNEvCdu--6jAvWJONJ4Gg@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-general |
I am currently setting up various environments to allow our developers to
login to Postgresql using their LDAP password. Also limiting the servers
they can access.
I have successfully setup LDAP and setup simple authentication using simple
bind. This was my test case. Now I need to move to the next lever which
would be search and bind. This will allow me to grant access to particular
servers for some people. I am not sure where or how the ldapsearchattibute
comes into play.
For example, this would be the search filter I will
use: (&(objectClass=posixAccount)(uid=$username)(|(host=$hostname)(host=$fqdn)(host=\\*)))
So it makes sure that the object class is possixAccount and the user id is
$username, next match is, host = $hostname or host = $fqdn or host = *.
These are attributes on the user's account.
How will Postgres match the username? How does it pass it to the query,
everything else I can hardcode into the search filter.
Would an ldapurl be better here? But again how will I pass the uid to the
ldapurl?
Thanks,
-Joseph Kregloh
From | Date | Subject | |
---|---|---|---|
Next Message | Steve Crawford | 2015-04-22 18:40:02 | ERROR: could not open relation with OID |
Previous Message | puneet252002 | 2015-04-22 17:49:03 | Connecting to 2 different DB on same machine |