Hi Roger, Here is the high level process: 1- Create the user x without password in Postgres. 2- Assign role or roles to the user x 3- Update pg_hba.conf with the ldap connection link.
You might need cert for the ldap to connect to AD, assuming you are using AD. Regards, Emile > On 21 Aug 2023, at 10:42, Roger Tannous <roger.tann...@gmail.com> wrote: > > Hello, > > In section 21.10 LDAP Authentication > <https://www.postgresql.org/docs/current/auth-ldap.html> of the > documentation, it says that the DB user must already exist in the database > before LDAP can be used for authentication. > > I'm checking the possibility to use LDAP Authentication with Postgres, but > I'm confused about the user creation that must be initially done regarding > the value of the password. > > Suppose I create user_x with pass_x, this user will be able to connect to the > DB using these credentials and, of course, depending on the role assigned to > them. > > But once I configure LDAP authentication on the database server, user_x has > to connect to the database according to whatever is set up in LDAP, and the > initially configured password becomes obsolete ? Is that correct ? > > > Thank you in advance, > Roger >
