Index: doc/src/sgml/client-auth.sgml
===================================================================
RCS file: /projects/cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v
retrieving revision 1.86
diff -c -r1.86 client-auth.sgml
*** doc/src/sgml/client-auth.sgml 4 Nov 2005 23:13:59 -0000 1.86
--- doc/src/sgml/client-auth.sgml 31 Dec 2005 16:15:32 -0000
***************
*** 375,380 ****
--- 375,390 ----
+ ldap
+
+
+ Authenticate using LDAP to a central server. See for details.
+
+
+
+
+ pam
***************
*** 887,892 ****
--- 897,952 ----
+
+ LDAP authentication
+
+
+ LDAP
+
+
+
+ This authentication method operates similarly to
+ password except that it uses LDAP
+ as the authentication method. LDAP is used only to validate
+ the user name/password pairs. Therefore the user must already
+ exist in the database before LDAP can be used for
+ authentication. The server and parameters used are specified
+ after the ldap key word in the file
+ pg_hba.conf. The format of this parameter is:
+
+ ldap[s]://servername[:port]/base dn[;prefix[;suffix]]
+
+ for example:
+
+ ldap://ldap.example.net/dc=example,dc=net;EXAMPLE\
+
+
+
+
+ If ldaps is specified instead of ldap,
+ TLS encryption will be enabled for the connection. Note that this
+ will encrypt only the connection between the PostgreSQL server
+ and the LDAP server. The connection between the client and the
+ PostgreSQL server is not affected by this setting. To make use of
+ TLS encryption, you may need to configure the LDAP library prior
+ to configuring PostgreSQL.
+
+
+ If no port is specified, the default port as configured in the
+ LDAP library will be used.
+
+
+ The server will bind to the distinguished name specified as
+ base dn using the username supplied by the client.
+ If prefix and suffix is
+ specified, it will be prepended and appended to the username
+ before the bind. Typically, the prefix parameter is used to specify
+ cn=, or DOMAIN\ in an Active
+ Directory environment.
+
+
+
+
PAM authentication
Index: doc/src/sgml/installation.sgml
===================================================================
RCS file: /projects/cvsroot/pgsql/doc/src/sgml/installation.sgml,v
retrieving revision 1.250
diff -c -r1.250 installation.sgml
*** doc/src/sgml/installation.sgml 4 Dec 2005 03:52:29 -0000 1.250
--- doc/src/sgml/installation.sgml 31 Dec 2005 16:15:32 -0000
***************
*** 279,285 ****
! Kerberos, OpenSSL, and/or
PAM, if you want to support authentication or
encryption using these services.
--- 279,286 ----
! Kerberos, OpenSSL,
! OpenLDAP, and/or
PAM, if you want to support authentication or
encryption using these services.
***************
*** 862,867 ****
--- 863,883 ----
+
+
+
+ Build with LDAPLDAP
+ authentication support. On Unix, this requires the
+ OpenLDAP package to be installed.
+ configure will check for the required header files
+ and libraries to make sure that your OpenLDAP
+ installation is sufficient before proceeding. On Windows,
+ the default WinLDAP library is used.
+
+
+
+
+