On 02/23/2011 10:27 PM, Magnus Hagander wrote:
> On Wed, Feb 23, 2011 at 11:43, Sim Zacks<sim@compulab.co.il> wrote:
>> Is there a way to do ldap authentication in pg_hba on a structure that has
>> multiple ou objects?
>>
>> Lets say I have an ou=Users and then an ou per dept.
>>
>> I want the ldap to do authentication no matter which ou the user is in.
>>
>>
>> My current ldap string is:
>>
>> ldap://ldap.server.local/Users;uid=;,ou=Users,dc=server,dc=local
>>
>> and it works if the user is only in the ou=Users but if he is in any sub ou
>> it gives authentication failed.
> Yes, if you use the search+bind mode you can search across a
> hierarchy. See http://www.postgresql.org/docs/9.0/static/auth-methods.html#AUTH-LDAP,
> look under "search+bind".
I guess that's new in 9.0 We're still stuck in 8.2land for the time being.
Thanks
Sim