Greetings,
Please don't top-post. I'd also suggest not cross-posting.
* John Scalia (jayknowsunix@gmail.com) wrote:
> You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends
onhow your LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file.
If you are working in an Active Directory environment, you should really
be using Kerberos/GSSAPI, not LDAP. This is done by specifying 'gssapi'
in your pg_hba.conf.
Using LDAP for auth isn't secure and isn't necessary in an Active
Directory environment. If you are running an LDAP-only environment then
you should really be considering deployment of a proper authentication
system, such as MIT Kerberos or Heimdal Kerberos.
Thanks!
Stephen