Обсуждение: Requesting Information for GSSAPI

Поиск
Список
Период
Сортировка

Requesting Information for GSSAPI

От
Lingesan Jeyapandy
Дата:

Team,

 

We have configured postgres GSSAPI setup on Linux server.   We have huge domain AD users in our org.

 

But we are looking to limit access only to setup AD distributed groups. Is there any way to control access only at AD distribution list user can only access gssapi configured postgres environment.

 

Our postgres version is 15.

 

 

Regards,

 

Lingesan Jeyapandy

 

 

Re: Requesting Information for GSSAPI

От
Stephen Frost
Дата:
Greetings,

* Lingesan Jeyapandy (...) wrote:
> We have configured postgres GSSAPI setup on Linux server.   We have huge domain AD users in our org.
>
> But we are looking to limit access only to setup AD distributed groups. Is there any way to control access only at AD
distributionlist user can only access gssapi configured postgres environment. 
>
> Our postgres version is 15.

To be able to log into the PG server, an account in PG has to exist.  If
it doesn't, then the user won't be able to log in.

There are some options for sync'ing specific AD groups into PG
accounts, eg:

https://github.com/larskanis/pg-ldap-sync

Thanks,

Stephen
Вложения