Hi,
I am new to Postgres, but not so new with LDAP.
I installed postgres 8.4 with ldap; from 'grep -y ldap config.log':
[...]
config.log:configure_args=' '\''--with-libraries=/usr/local/lib'\''
'\''--with-includes=/usr/local/include'\''
'\''--enable-thread-safety'\'' '\''--with-openssl'\''
'\''--with-pam'\'' '\''--with-ldap'\'' '\''--with-libxml'\''
'\''--enable-nls'\'' '\''--prefix=/usr/local'\''
'\''--mandir=/usr/local/man'\'' '\''--infodir=/usr/local/info/'\''
'\''--build=i386-portbld-freebsd7.2'\''
'\''build_alias=i386-portbld-freebsd7.2'\'' '\''CC=gcc'\''
'\''CFLAGS=-O2 -fno-strict-aliasing -pipe -O3 -funroll-loops
-DLDAP_DEPRECATED'\'' '\''LDFLAGS= -pthread
-rpath=/usr/lib:/usr/local/lib -L/usr/local/lib'\''
'\''CPPFLAGS=-I/usr/local/include'\'''
config.log:with_ldap='yes'
config.log:#define USE_LDAP 1
config.log:#define HAVE_LDAP_H 1
config.log:#define HAVE_LIBLDAP 1
config.log:#define HAVE_LIBLDAP_R 1
[...]
In pg_hba.conf I have the line (wrapped for email purpose, in the
file, it's a single line):
host all all 192.41.170.0/24 ldap
ldapserver=ldap.cs.ait.ac.th ldapport=636 ldapprefx="uid="
ldapsuffix=",ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th"
Postgres will not start and gives the error:
Oct 1 17:37:23 db2 postgres[28130]: [2-1] FATAL: could not load pg_hba.conf
If I use an authentication different than ldap, postgres starts
nicely.
The strange thing is that with tcpdump I don't see any traffic between
postgres and ldap server, not even the slightest beginning of a
connection.
What could be the cause?
Subsidiary questions regarding the configuration of ldap in postgres:
- most configurations I have set so far need to specify a version for
ldap, version 3, how to specify the version number?
- my ldap server supports SSL (ldaps://ldap.cs.ait.ac.th), but not
TLS, how can I configure that?
- each user in ldap has some attributes saying that he is allowed to
use one or the other service, how to set a filter in postgres
options to ldap?
Best regards,
Olivier
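
An added example, not part of the original message: a small checker that parses one pg_hba.conf record and reports LDAP option names the server would not recognise, run here on the record quoted above. The list of accepted names is an assumption based on the PostgreSQL 8.4 documentation, and `check_ldap_record` is a hypothetical helper name.

```python
import difflib
import shlex

# Assumption: the LDAP option names that PostgreSQL 8.4 accepts in pg_hba.conf
# (later releases accept more). Adjust for the server version in use.
LDAP_OPTIONS_84 = ["ldapserver", "ldapport", "ldaptls", "ldapprefix", "ldapsuffix"]

# The record from the message above, joined back onto a single line.
SAMPLE = ('host all all 192.41.170.0/24 ldap '
          'ldapserver=ldap.cs.ait.ac.th ldapport=636 ldapprefx="uid=" '
          'ldapsuffix=",ou=People,ou=csim,dc=cs,dc=ait,dc=ac,dc=th"')


def check_ldap_record(line):
    """Return a list of problems in the LDAP options of one pg_hba.conf record."""
    fields = shlex.split(line, comments=True)  # honours "quoted values" and '#'
    if not fields:
        return []
    if fields[0] == "local":
        method_idx = 3
    elif fields[0] in ("host", "hostssl", "hostnossl"):
        # The address is one CIDR field, or an IP field followed by a netmask.
        method_idx = 4 if len(fields) > 3 and "/" in fields[3] else 5
    else:
        return ['unknown record type "%s"' % fields[0]]
    if len(fields) <= method_idx:
        return ["record has no authentication method"]
    if fields[method_idx] != "ldap":
        return []  # only LDAP records are checked here
    problems = []
    for opt in fields[method_idx + 1:]:
        name, sep, _value = opt.partition("=")
        if not sep:
            problems.append('option "%s" is not in name=value form' % opt)
        elif name not in LDAP_OPTIONS_84:
            close = difflib.get_close_matches(name, LDAP_OPTIONS_84, n=1)
            hint = ' (did you mean "%s"?)' % close[0] if close else ""
            problems.append('unknown option "%s"%s' % (name, hint))
    return problems


if __name__ == "__main__":
    for problem in check_ldap_record(SAMPLE):
        print(problem)
```
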