| From: | Emile Amewoto <emileam(at)yahoo(dot)com> |
|---|---|
| To: | Roger Tannous <roger(dot)tannous(at)gmail(dot)com> |
| Cc: | pgsql-general(at)lists(dot)postgresql(dot)org |
| Subject: | Re: LDAP Authentication |
| Date: | 2023-08-21 09:05:45 |
| Message-ID: | DED7ADEA-DEA4-4667-B3F7-EB5748E9A770@yahoo.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Hi Roger,
Here is the high level process:
1- Create the user x without password in Postgres.
2- Assign role or roles to the user x
3- Update pg_hba.conf with the ldap connection link.
You might need cert for the ldap to connect to AD, assuming you are using AD.
Regards,
Emile
> On 21 Aug 2023, at 10:42, Roger Tannous <roger(dot)tannous(at)gmail(dot)com> wrote:
>
> Hello,
>
> In section 21.10 LDAP Authentication <https://www.postgresql.org/docs/current/auth-ldap.html> of the documentation, it says that the DB user must already exist in the database before LDAP can be used for authentication.
>
> I'm checking the possibility to use LDAP Authentication with Postgres, but I'm confused about the user creation that must be initially done regarding the value of the password.
>
> Suppose I create user_x with pass_x, this user will be able to connect to the DB using these credentials and, of course, depending on the role assigned to them.
>
> But once I configure LDAP authentication on the database server, user_x has to connect to the database according to whatever is set up in LDAP, and the initially configured password becomes obsolete ? Is that correct ?
>
>
> Thank you in advance,
> Roger
>
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Peter J. Holzer | 2023-08-21 11:28:07 | Re: Loops and Case Statements Involving Dates |
| Previous Message | Roger Tannous | 2023-08-21 08:42:34 | LDAP Authentication |