Re: PostgreSQL LDAP \ Kerberos

Поиск
Список
Период
Сортировка
От Stephen Frost
Тема Re: PostgreSQL LDAP \ Kerberos
Дата
Msg-id 20190712121848.GC29202@tamriel.snowman.net
обсуждение исходный текст
Ответ на PostgreSQL LDAP \ Kerberos  (Pierre Ochsenbein <pierreochsenbein@gmail.com>)
Список pgsql-admin
Greetings,

* Pierre Ochsenbein (pierreochsenbein@gmail.com) wrote:
> Somebody can give me Feedback about PostgreSQL Authentication with LDAP and
> Kerberos.

You should use Kerberos for authentication, using LDAP isn't a good idea
because the PG server will see the user's password.

> Actually I use LDAP authentication and I would like to test automatically
> authentication  with Kerberos...
>
> It's easy to implement and works fine, no bugs in perspective?

Yes, it works fine, just generate a keytab and copy it to somewhere that
the PG server can see it.  If you're in an active directory environment
then this requires a bit more than just an addprinc/ktadd, there's a
blog post I wrote about doing it here:

https://info.crunchydata.com/blog/windows-active-directory-postgresql-gssapi-kerberos-authentication

Thanks,

Stephen

Вложения

В списке pgsql-admin по дате отправления:

Предыдущее
От: Pierre Ochsenbein
Дата:
Сообщение: PostgreSQL LDAP \ Kerberos
Следующее
От: Joshua Kramer
Дата:
Сообщение: Citus Maintenance Worker & template1 database