Integrating with LDAP
This recipe shows you how to set up your PostgreSQL system so that it uses the LDAP for authentication.
Getting ready
Ensure that the usernames in the database and your LDAP server match, as this method works for user authentication checks of users who are already defined in the database.
How to do it…
In the pg_hba.conf
PostgreSQL authentication file, we define some address ranges to use LDAP as an authentication method, and we configure the LDAP server for this address range:
host all all 10.10.0.1/16 ldap \
ldapserver=ldap.our.net ldapprefix="cn=" ldapsuffix=",
dc=our,dc=net"
How it works…
This setup makes the PostgreSQL server check passwords from the configured LDAP server.
User rights are not queried from the LDAP server but have to be defined inside the database, using the ALTER USER
, GRANT
, and REVOKE
commands.
There’s more…
We have...