Tuesday, July 19, 2011

Postgresql 8.4 LDAP unknown authentication

The syntax to specify LDAP authentication in pg_hba.conf seems to have changed between version 8.3 and 8.4. At least in Debian Squeeze, where I have both installed.

For 8.3, I had a line like this in pg_hba.conf:

host  all  all  ldap "ldap://localhost/dc=mydomain,dc=lan;uid=;,ou=People,dc=mydomain,dc=lan"

When trying to start 8.4 with the same line, I was getting

# /etc/init.d/postgresql restart 8.4
Restarting PostgreSQL 8.4 database server: main
The PostgreSQL server failed to start. Please check the log output: [...]
invalid authentication method ":ldap" [...]
FATAL: could not load pg_hba.conf ... failed!

The new syntax which works in 8.4 is

host  all  all  ldap ldapserver=localhost ldapprefix="uid=" ldapsuffix=", ou=People, dc=mydomain, dc=lan"


Post a Comment

<< Home