- publishing free software manuals
[Home] [Catalogue] [New Titles] [News] [Site Map] [About] [Contact]
<<< previous table of contents next >>>
The PostgreSQL 9.0 Reference Manual - Volume 2 - Programming Guide
by The PostgreSQL Global Development Group
Paperback (6"x9"), 478 pages
ISBN 9781906966065
RRP £14.95 ($19.95)

Sales of this book support the PostgreSQL project! Get a printed copy>>>
PostgreSQL 9.0 Reference Manual
Volume 2
Buy the book here! >>>
only $19.95

1.16 LDAP Lookup of Connection Parameters

If libpq has been compiled with LDAP support (option --with-ldap for configure) it is possible to retrieve connection options like host or dbname via LDAP from a central server. The advantage is that if the connection parameters for a database change, the connection information doesn't have to be updated on all client machines.

LDAP connection parameter lookup uses the connection service file ‘pg_service.conf’ (see section 1.15 The Connection Service File). A line in a ‘pg_service.conf’ stanza that starts with ldap:// will be recognized as an LDAP URL and an LDAP query will be performed. The result must be a list of keyword = value pairs which will be used to set connection options. The URL must conform to RFC 1959 and be of the form 

ldap://[hostname[:port]]/search_base?attribute?search_scope?
filter

where hostname defaults to localhost and port defaults to 389.

Processing of ‘pg_service.conf’ is terminated after a successful LDAP lookup, but is continued if the LDAP server cannot be contacted. This is to provide a fallback with further LDAP URL lines that point to different LDAP servers, classical keyword = value pairs, or default connection options. If you would rather get an error message in this case, add a syntactically incorrect line after the LDAP URL.

A sample LDAP entry that has been created with the LDIF file 

version:1
dn:cn=mydatabase,dc=mycompany,dc=com
changetype:add
objectclass:top
objectclass:groupOfUniqueNames
cn:mydatabase
uniqueMember:host=dbserver.mycompany.com
uniqueMember:port=5439
uniqueMember:dbname=mydb
uniqueMember:user=mydb_user
uniqueMember:sslmode=require

might be queried with the following LDAP URL: 

ldap://ldap.mycompany.com/dc=mycompany,dc=com?uniqueMember?
  one?(cn=mydatabase)

You can also mix regular service file entries with LDAP lookups. A complete example for a stanza in ‘pg_service.conf’ would be: 

# only host and port are stored in LDAP, specify dbname and 
  user explicitly
[customerdb]
dbname=customer
user=appuser
ldap://ldap.acme.com/cn=dbserver,cn=hosts?pgconnectinfo?base?
  (objectclass=*)
<<< previous table of contents next >>>
ISBN 9781906966065The PostgreSQL 9.0 Reference Manual - Volume 2 - Programming GuideSee the print edition
Network Theory Limited, United Kingdom
Telephone: +44 117 317 9309 Fax: +44 117 973 3323 Email: sales@network-theory.co.uk
Web: www.network-theory.co.uk
Buying our books supports the development of free software and documentation!