Обсуждение: LDAP for postgres
hello,
Any idea about how I can enable LDAP for postgres after install ? --
Regards,
Azim
You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends on howyour LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file. — Jay Sent from my iPad > On Feb 7, 2018, at 3:28 PM, Azimuddin Mohammed <azimeiu@gmail.com> wrote: > > hello, > > Any idea about how I can enable LDAP for postgres after install ? > > -- > > Regards, > Azim >
You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends on howyour LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file. — Jay Sent from my iPad > On Feb 7, 2018, at 3:28 PM, Azimuddin Mohammed <azimeiu@gmail.com> wrote: > > hello, > > Any idea about how I can enable LDAP for postgres after install ? > > -- > > Regards, > Azim >
Greetings, Please don't top-post. I'd also suggest not cross-posting. * John Scalia (jayknowsunix@gmail.com) wrote: > You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends onhow your LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file. If you are working in an Active Directory environment, you should really be using Kerberos/GSSAPI, not LDAP. This is done by specifying 'gssapi' in your pg_hba.conf. Using LDAP for auth isn't secure and isn't necessary in an Active Directory environment. If you are running an LDAP-only environment then you should really be considering deployment of a proper authentication system, such as MIT Kerberos or Heimdal Kerberos. Thanks! Stephen
Вложения
Greetings, Please don't top-post. I'd also suggest not cross-posting. * John Scalia (jayknowsunix@gmail.com) wrote: > You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends onhow your LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file. If you are working in an Active Directory environment, you should really be using Kerberos/GSSAPI, not LDAP. This is done by specifying 'gssapi' in your pg_hba.conf. Using LDAP for auth isn't secure and isn't necessary in an Active Directory environment. If you are running an LDAP-only environment then you should really be considering deployment of a proper authentication system, such as MIT Kerberos or Heimdal Kerberos. Thanks! Stephen