I am currently setting up various environments to allow our developers to log in to PostgreSQL using their LDAP password, while also limiting the servers they can access.
I have successfully set up LDAP and set up simple authentication using simple bind. This was my test case. Now I need to move to the next level, which would be search and bind. This will allow me to grant access to particular servers for some people. I am not sure where or how the ldapsearchattribute comes into play.
For example, this would be the search filter I will use: (&(objectClass=posixAccount)(uid=$username)(|(host=$hostname)(host=$fqdn)(host=\\*)))
So it makes sure that the object class is posixAccount and the user id is $username; the next match is host = $hostname or host = $fqdn or host = *. These are attributes on the user's account.
How will Postgres match the username? How does it pass it to the query? Everything else I can hardcode into the search filter.
Would an ldapurl be better here? But again how will I pass the uid to the ldapurl?
Thanks,
-Joseph Kregloh
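
As an added illustration (not part of the original message and not PostgreSQL's own code), the sketch below models how search+bind turns the login name into the LDAP search filter: `ldapsearchattribute` yields `(attr=username)` with `uid` as the default, while `ldapsearchfilter` has every `$username` replaced by the login name. It assumes a server version that supports `ldapsearchfilter`; `jdoe`, `db1` and `db1.example.com` are constructed values, and `$hostname`/`$fqdn` are filled in by the administrator per server because only `$username` is substituted at login.

```python
# Added illustration: a model of filter construction for LDAP search+bind.
# Not PostgreSQL source code; user and host values are constructed samples.

# Characters refused in a login name for search+bind, so that a name
# cannot change the structure of the search filter.
FORBIDDEN = set("*()\\/")

# The filter from the post, verbatim. Only $username is a server placeholder.
POST_FILTER = (r"(&(objectClass=posixAccount)(uid=$username)"
               r"(|(host=$hostname)(host=$fqdn)(host=\\*)))")


def per_server_filter(template, hostname, fqdn):
    """Hardcode the host values (done once per server by the administrator)."""
    return template.replace("$hostname", hostname).replace("$fqdn", fqdn)


def build_search_filter(username, ldapsearchattribute=None, ldapsearchfilter=None):
    """Return the filter used for the search step of search+bind."""
    if ldapsearchattribute and ldapsearchfilter:
        raise ValueError("cannot use ldapsearchattribute together with ldapsearchfilter")
    bad = FORBIDDEN.intersection(username)
    if bad:
        raise ValueError(f"invalid character in user name: {sorted(bad)}")
    if ldapsearchfilter:
        # Every occurrence of $username is replaced with the login name.
        return ldapsearchfilter.replace("$username", username)
    # Attribute form: (attr=username), with uid as the default attribute.
    return f"({ldapsearchattribute or 'uid'}={username})"


if __name__ == "__main__":
    print(build_search_filter("jdoe"))
    print(build_search_filter("jdoe", ldapsearchattribute="cn"))
    flt = per_server_filter(POST_FILTER, "db1", "db1.example.com")
    print(build_search_filter("jdoe", ldapsearchfilter=flt))
    try:
        build_search_filter("jdoe)(host=*", ldapsearchfilter=flt)
    except ValueError as exc:
        print("rejected:", exc)
```

The entry found by this search supplies the DN for the bind step, so a user whose `host` attributes do not match the server's filter is never bound and the login fails.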