#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    2
    Rep Power
    0

    LDAP prefix authentication with postgresql


    I am new to using LDAP and trying to do some exploratory testing with postgresql and LDAP. I am having a hard time understanding the ldapprefix and suffix part.

    I have been authenticating using the following entry to pg_hba.conf

    local test1 jpowers ldap ldapserver=machine_name ldapprefix= ldapsuffix=@company.com

    This works fine. But I have not been able to completely understand or get a successful login with anything in the prefix line. I have been searching and all I was able to find out was below from documentation.

    EXAMPLE FROM POSTGRES MANUAL
    ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"

    Based upon this I know from Active directory that my user listed the following.
    CN=Jonathon Powers CN=users, DC=company, DC=com

    with that information I have tried connecting with the following entries in pg_hba.conf with no luck.

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=users" ldapsuffix=", dc=company, dc=com"

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=Jonathon Powers" ldapsuffix=", dc=company, dc=com"

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=" ldapsuffix=", dc=company, dc=com"

    Does anyone know what I might be missing, or what I am doing wrong?
  2. #2
  3. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Feb 2013
    Posts
    2
    Rep Power
    0
    Figured it out. I can have user powers in psql, and user jpowers in LDAP. I can connect to psql with user powers but have prefix "j" in the pg_hba.conf entry, so that it authenticates against LDAP with jpowers instead of powers.

    -Jpowers

    Originally Posted by jpowers
    I am new to using LDAP and trying to do some exploratory testing with postgresql and LDAP. I am having a hard time understanding the ldapprefix and suffix part.

    I have been authenticating using the following entry to pg_hba.conf

    local test1 jpowers ldap ldapserver=machine_name ldapprefix= ldapsuffix=@company.com

    This works fine. But I have not been able to completely understand or get a successful login with anything in the prefix line. I have been searching and all I was able to find out was below from documentation.

    EXAMPLE FROM POSTGRES MANUAL
    ldapserver=ldap.example.net ldapprefix="cn=" ldapsuffix=", dc=example, dc=net"

    Based upon this I know from Active directory that my user listed the following.
    CN=Jonathon Powers CN=users, DC=company, DC=com

    with that information I have tried connecting with the following entries in pg_hba.conf with no luck.

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=users" ldapsuffix=", dc=company, dc=com"

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=Jonathon Powers" ldapsuffix=", dc=company, dc=com"

    local test1 jpowers ldap ldapserver=machine_name ldapprefix="cn=" ldapsuffix=", dc=company, dc=com"

    Does anyone know what I might be missing, or what I am doing wrong?

IMN logo majestic logo threadwatch logo seochat tools logo