From: | "Greg Cocks" <gcocks(at)stoller(dot)com> |
---|---|
To: | <pgsql-novice(at)postgresql(dot)org> |
Cc: | "Pete Humphrey" <phumphrey(at)stoller(dot)com> |
Subject: | SUM - Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT... |
Date: | 2010-03-05 01:36:37 |
Message-ID: | 66F6CF82BF58CE4DB4285BE816B297E8C72AE8@tribble.SMStoller.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-novice |
Hello,
Thank you for the suggestions...
Background - I am working in a Windows environment, am a geologist by training and primarily focused on scientific data management and sharing, including via web pages (PHP, etc) that I construct...
Although the LDAP suggestions were intriguing, I unfortunately don't feel that I (currently at least) have the time to get into what seems like a very IT specific area...
Even with the stated and recognised "tomanymovingparts', I went with...
- having IT dump the AD user contents into a pipe-delimited text field in a secure spot on 'my' web/database server on a nightly basis (yes, on the same virtual server - hey, we are a smallish operation! ;) )
- installed pgAgent
- wrote some simple SQL (TRUNCATE, COPY...) to clear out and reload my "AD copy" (sic) table in my database
- added a pgAgent job to have this SQL 'work', again on a nightly basis 1 hour after the IT script created the text file 'dump' (note that I found I had to upgrade pgAdmin from v1.10.0 to 1.10.1, else trying to set up the job in pgAgent caused pgAdmin to crash (the power of Googling.. again...))
- went ahead and moved my backups from *.bat files initiated by Windows Task Scheduler ---> pgAgent jobs (easier to manage, all in the one place, etc)
Again, thanks...
----------
Regards,
GREG COCKS
Data Management Specialist / Scientist / GIS Analyst IV
gcocks(at)stoller(dot)com <blocked::mailto:gcocks(at)stoller(dot)com>
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com <blocked::http://www.stoller.com/>
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell
________________________________
From: Greg Cocks [mailto:gcocks(at)stoller(dot)com]
Sent: Tue 2/23/2010 4:00 PM
To: pgsql-novice(at)postgresql(dot)org
Cc: Pete Humphrey
Subject: [NOVICE] Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...
Hello,
I have been doing some reading and working with the IT staff here to be able to get (read-only) accessibility in PostgreSQL to the Active Directory credentials for a Microsoft network - UID, fname, lname, etc (not the PWID of course!)
I would appreciate any suggestions on the most workable and dynamic approach...
My initial two thoughts were:
* Have IT write a script to dump the AS credentials as, say, a delimited text file to a (secure) location on a nightly basis (an often enough frequency for my purposes) - and have PostgreSQL dynamically link, with the right credentials, to that network location with their text file/s (including 'recognising' when the file/s change)
* A 'direct' read-only connection (without comprising the network security), but of what sort? I have no experience in how AD stores and shares its info, bit am happy to learn what is needed (IT has a lot of knowledge of course, but don't use PostgreSQL)
Thanks in advance for any help...
Some new things to learn, always a good thing - hence what seems like a possibly vague / broad request...
----------
Regards,
Greg Cocks
Licensed Geologist, WA#415
Data Management & GIS Analyst
gcocks(at)stoller(dot)com
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell
From | Date | Subject | |
---|---|---|---|
Next Message | venkatrao.b | 2010-03-05 04:28:53 | Re: a query problem |
Previous Message | Michael Wood | 2010-03-04 21:16:01 | Re: a query problem |