OpenLDAP-POSTGRESQL HOWTO
PrevNext

3. Configuration

3.1. iODBC

With ODBC you have to configuration file: odbc.ini and odbcinst.ini. Here are the test samples configuration files I use:

3.1.1. odbc.ini

Just copy this file into the /etc directory.


;
;  odbc.ini
;
[ODBC Data Sources]
PgSQL=PostgreSQL

[PgSQL]
Driver=/usr/local/lib/psqlodbc.so
Description=Connection to LDAP/POSTGRESQL
Servername=localhost
Port=5432
Protocol=6.4
FetchBufferSize=99
Username=test
Password=test
Database=pg_ldap
ReadOnly=no
Debug=1
CommLog=1

[ODBC]
InstallDir=/usr/local/lib

3.1.2. odbcinst.ini

Normally the installation of psqlodbc library has already created this file, if not just copy this file into the /etc directory.


;
;  odbcinst.ini
;
[PostgreSQL]
Description=ODBC for PostgreSQL
Driver=/usr/local/lib/psqlodbc.so

[ODBC]
Trace=1
Debug=1
Pooling=No

3.2. OpenLDAP

You have to configure OpenLDAP to use the SQL backend, which database and some other SQL related specific option. See below:

3.2.1. slapd.conf

Just copy the file openldap-2.1.12/servers/slapd/back-sql/rdbms_depend/slapd.conf into the /usr/local/etc/openldap/ directory and change the dbname, dbuser, dbpasswd values as follow:


#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema

# Define global ACLs to disable default read access.
# Define global ACLs to disable default read access.
access to *
        by self write
        by * read
access to * by dn="cn=root,o=sql,c=RU" write
defaultaccess none

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /usr/local/var/slapd.pid
argsfile        /usr/local/var/slapd.args

#######################################################################
# sql database definitions
#######################################################################

database        sql
suffix         "o=sql,c=RU"
rootdn         "cn=root,o=sql,c=RU"
rootpw          secret
dbname          PgSQL
dbuser          test
dbpasswd        test
insentry_stmt  "insert into ldap_entries (id,dn,oc_map_id,parent,keyval) values ((select max(id)+1 from ldap_entries),?,?,?,?)"
upper_func      "upper"
strcast_func    "text"
concat_pattern  "?||?"
has_ldapinfo_dn_ru      no

lastmod off

See "man slapd-sql" if you want to know more about the SQL related options. Also if you never take a look to the slapd.conf file begining with "man slapd.conf" should be a good choice.

3.3. PostgreSQL

There's no special configuration options to give to PostgreSQL. We just need to create the test database and the test user.

You must su to user postgres or any other PostgreSQL superuser to perform the following task.

3.3.1. Creating the test database and test user

Just run the following command to create the test database: 

	createdb pg_ldap
Just run the following command to create the user 'test' with password 'test': 

	createuser --no-createdb --no-adduser --password test
and give the password 'test' at prompt.

3.3.2. Creating the SQL backend for LDAP

To have OpenLDAP working with a SQL backend you must create the database structure and fill some information in it. All you need is to change directory to openldap-2.1.12/servers/slapd/back-sql/rdbms_depend/pgsql/ and run the following command as PostgreSQL superuser: 

	psql pg_ldap  < backsql_create.sql
These tables are used by OpenLDAP to maintain all links between objects. This is the LDAP meta-structure.

3.3.3. Creating the test database schema

We have now to create a schema with table representing our test LDAP objects. This can be done by using the rdbms_depend/testdb_*.sql files and running the following commands: 

	psql -d pg_ldap < testdb_create.sql
These tables are used to create our test directory objects and their attributes.

3.3.4. Creating the metadata

This part generate all links between the SQL backend and the stored object for the test database. Theses metainformation are used to translate LDAP queries to SQL queries. This part also generate all SQL function used by the metadata definition to create links between the SQL backend and the stored object for the test database and to store all attributes value. 

	psql -d pg_ldap < testdb_metadata.sql

3.3.5. Insert data for testing

This part insert some data into the test database. This can be done by saving the following SQL code into a file named testdb_data.sql and running the following command: 

	psql -d pg_ldap < testdb_data.sql

3.3.6. Set grant on the database objects

To be able to run SQL queries onto the test database we must give the grant to user 'test'. This can be done by saving the following SQL code into a file named testdb_grant.sql and running the following command: 

	psql -d pg_ldap -c "GRANT ALL ON ldap_attr_mappings,ldap_entries,ldap_entry_objclasses,ldap_oc_mappings,ldap_referrals TO test;"
	psql -d pg_ldap -c "GRANT ALL ON ldap_attr_mappings_id_seq,ldap_entries_id_seq,ldap_oc_mappings_id_seq TO test;"
	psql -d pg_ldap -c "GRANT ALL ON authors_docs,documents,institutes,persons,phones TO test;"
	psql -d pg_ldap -c "GRANT ALL ON documents_id_seq,institutes_id_seq,persons_id_seq,phones_id_seq TO test;"

PrevHomeNext
Installation Testing the ODBC installation