I am new to Apache LDAP with Postgresql. Here I am using postgresql v11 and apache LDAP v2.0. I would like to know does it support multiple organizational unit (OU) configuration in postgresql? If it supports please suggest, How can we configure it?
Thanks in advance.
Bearing in mind that you need to make a 1-to-1 mapping of roles in Postgres to any external (LDAP-based users), you can do the following:
In psql
:
postgres=# create role ou1;
CREATE ROLE
postgres=# create role ou2;
CREATE ROLE
postgres=# create role user1 in role ou1;
CREATE ROLE
postgres=# create role user2 in role ou2;
CREATE ROLE
(Remember, roles are both groups and users -- just one term for both types)
In pg_hba.conf
:
host all +ou1 0.0.0.0/0 ldap ldapserver=ldap-service ldapprefix="cn=" ldapsuffix=", ou=ou1, dc=example, dc=org" ldapport=389
host all +ou2 0.0.0.0/0 ldap ldapserver=ldap-service ldapprefix="cn=" ldapsuffix=", ou=ou2, dc=example, dc=org" ldapport=389
Disclosure: I work for EnterpriseDB (EDB)