From 5e45211a64149b3c659b90ff2de6fa982a5a93ed Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 4 May 2024 14:17:33 +0200 Subject: Adding upstream version 15.5. Signed-off-by: Daniel Baumann --- doc/src/sgml/html/libpq-ldap.html | 63 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 doc/src/sgml/html/libpq-ldap.html (limited to 'doc/src/sgml/html/libpq-ldap.html') diff --git a/doc/src/sgml/html/libpq-ldap.html b/doc/src/sgml/html/libpq-ldap.html new file mode 100644 index 0000000..8321032 --- /dev/null +++ b/doc/src/sgml/html/libpq-ldap.html @@ -0,0 +1,63 @@ + +34.18. LDAP Lookup of Connection Parameters
34.18. LDAP Lookup of Connection Parameters
Prev UpChapter 34. libpq — C LibraryHome Next

34.18. LDAP Lookup of Connection Parameters

+ If libpq has been compiled with LDAP support (option + --with-ldap for configure) + it is possible to retrieve connection options like host + or dbname via LDAP from a central server. + The advantage is that if the connection parameters for a database change, + the connection information doesn't have to be updated on all client machines. +

+ LDAP connection parameter lookup uses the connection service file + pg_service.conf (see Section 34.17). A line in a + pg_service.conf stanza that starts with + ldap:// will be recognized as an LDAP URL and an + LDAP query will be performed. The result must be a list of + keyword = value pairs which will be used to set + connection options. The URL must conform to + RFC 1959 + and be of the form +

+ldap://[hostname[:port]]/search_base?attribute?search_scope?filter
+

+ where hostname defaults to + localhost and port + defaults to 389. +

+ Processing of pg_service.conf is terminated after + a successful LDAP lookup, but is continued if the LDAP server cannot + be contacted. This is to provide a fallback with further LDAP URL + lines that point to different LDAP servers, classical keyword + = value pairs, or default connection options. If you would + rather get an error message in this case, add a syntactically incorrect + line after the LDAP URL. +

+ A sample LDAP entry that has been created with the LDIF file +

+version:1
+dn:cn=mydatabase,dc=mycompany,dc=com
+changetype:add
+objectclass:top
+objectclass:device
+cn:mydatabase
+description:host=dbserver.mycompany.com
+description:port=5439
+description:dbname=mydb
+description:user=mydb_user
+description:sslmode=require
+

+ might be queried with the following LDAP URL: +

+ldap://ldap.mycompany.com/dc=mycompany,dc=com?description?one?(cn=mydatabase)
+

+

+ You can also mix regular service file entries with LDAP lookups. + A complete example for a stanza in pg_service.conf + would be: +

+# only host and port are stored in LDAP, specify dbname and user explicitly
+[customerdb]
+dbname=customer
+user=appuser
+ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?(objectclass=*)
+

+

Prev Up Next
34.17. The Connection Service File Home 34.19. SSL Support
\ No newline at end of file -- cgit v1.2.3