SUM - Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...

Поиск
Список
Период
Сортировка
От Greg Cocks
Тема SUM - Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...
Дата
Msg-id 66F6CF82BF58CE4DB4285BE816B297E8C72AE8@tribble.SMStoller.com
обсуждение исходный текст
Ответ на Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...  ("Greg Cocks" <gcocks@stoller.com>)
Список pgsql-novice
Дерево обсуждения
Hello,
 
Thank you for the suggestions...
 
Background - I am working in a Windows environment, am a geologist by training and primarily focused on scientific data management and sharing, including via web pages (PHP, etc) that I construct...
 
Although the LDAP suggestions were intriguing, I unfortunately don't feel that I (currently at least) have the time to get into what seems like a very IT specific area...
 
Even with the stated and recognised "tomanymovingparts', I went with...
 
 - having IT dump the AD user contents into a pipe-delimited text field in a secure spot on 'my' web/database server on a nightly basis (yes, on the same virtual server - hey, we are a smallish operation!  ;)  )
 
 - installed pgAgent
 
 - wrote some simple SQL (TRUNCATE, COPY...) to clear out and reload my "AD copy" (sic) table in my database
 
 - added a pgAgent job to have this SQL 'work', again on a nightly basis 1 hour after the IT script created the text file 'dump' (note that I found I had to upgrade pgAdmin from v1.10.0 to 1.10.1, else trying to set up the job in pgAgent caused pgAdmin to crash (the power of Googling.. again...))
 
 - went ahead and moved my backups from *.bat files initiated by Windows Task Scheduler ---> pgAgent jobs (easier to manage, all in the one place, etc)
 
Again, thanks...
 
----------
Regards,
GREG COCKS
Data Management Specialist / Scientist / GIS Analyst IV
gcocks@stoller.com
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell

From: Greg Cocks [mailto:gcocks@stoller.com]
Sent: Tue 2/23/2010 4:00 PM
To: pgsql-novice@postgresql.org
Cc: Pete Humphrey
Subject: [NOVICE] Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...

Hello,

 

I have been doing some reading and working with the IT staff here to be able to get (read-only) accessibility in PostgreSQL to the Active Directory credentials for a Microsoft network – UID, fname, lname, etc (not the PWID of course!)

 

I would appreciate any suggestions on the most workable and dynamic approach…

 

My initial two thoughts were:

  • Have IT write a script to dump the AS credentials as, say, a delimited text file to a (secure) location on a nightly basis (an often enough frequency for my purposes) – and have PostgreSQL dynamically link, with the right credentials, to that network location with their text file/s (including ‘recognising’ when the file/s change)
  • A ‘direct’ read-only connection (without comprising the network security), but of what sort? I have no experience in how AD stores and shares its info, bit am happy to learn what is needed (IT has a lot of knowledge of course, but don’t use PostgreSQL)

 

Thanks in advance for any help…

 

Some new things to learn, always a good thing - hence what seems like a possibly vague / broad request…

 

----------
Regards,

Greg Cocks

Licensed Geologist, WA#415

Data Management & GIS Analyst
gcocks@stoller.com
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell

 

В списке pgsql-novice по дате отправления:

Предыдущее
От: Michael Wood
Дата:
Сообщение: Re: a query problem
Следующее
От: venkatrao.b@tcs.com
Дата:
Сообщение: Re: a query problem