On 5/21/13 2:54 AM, Andrzej Cedro wrote:
> I use PostgeSQL 9.1 32-bit on Windows 7 Professional with Active Directory as
> LDAP.
> I have following configration in pg_hba.conf:
>
> host all all all ldap ldapserver=192.168.155.157
> ldapbinddn="CN=aaaaaa,OU=bbbbb,DC=cccc,DC=dddd" ldapbindpasswd=******
> ldapbasedn="DC=cccc,DC=dddd" ldapsearchattribute=sAMAccountName
>
> Search is performed over the subtree at ldapbasedn, but is much more slower
> then search exactly on the same level as where the user resides. I think
> that search is performed on every database operation.
The search is only performed once when you log in.
In 9.3, we support LDAP URLs where you can specify the scope attribute
for the seach (base, one, sub), which could help you if the LDAP search
takes too long. But we don't support this as a separate parameter
outside of LDAP URLs. Maybe we should. (Note also that we don't
support LDAP URLs on Windows.)