On 09/11/2017 08:51 AM, rob stone wrote:
>
>
>>>
>>
>> Hi Rob,
>>
>> How would that work? I was under the impression the first column was
>> for socket type and limited to
>> local, host, hostssl, and hostnossl?
>>
>> Thunderbird's config has been fixed, so here is the line from
>> pg_hba.conf line without the
>> formatting issues:
>>
>> host all all 192.168.1.0/24 gss include_realm=1 map=testnet
>> krb_realm=A.DOMAIN.TLD
>>
>>
>> Thanks,
>> Ryan
>
>
> Hello Ryan,
>
> I'm probably incorrect about this as I don't use pg_ident but my
> understanding is that each line in pg_ident consists of three fields
> being:-
>
> mask-name external-credentials internal-credentials
>
> so that the external log-on is converted to its Postgres log-on and
> then the mask-name is used to find a line in pg_hba.conf to verify that
> the external-credentials were submitted from an allowable IP address.
>
> Maybe somebody more knowledgeable than myself could provide a better
> example.
>
>
> Cheers,
> Rob
>
>
Hi Rob,
That's my understanding of the syntax and workflow from the reading and
small experiments I've done as well.
There's two of us, so we're on our way to a consensus. :)
Thanks!
Ryan
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general