Skip site navigation (1) Skip section navigation (2)

LDAP AUTH / IDENT question

From: Evan Sarmiento <esarmiento(at)csnstores(dot)com>
To: "pgsql-admin(at)postgresql(dot)org" <pgsql-admin(at)postgresql(dot)org>
Subject: LDAP AUTH / IDENT question
Date: 2010-11-29 15:24:02
Message-ID: CB48DC77786B6548A74781566A6BFFEE09A777BDC4@wren.csnzoo.com (view raw or flat)
Thread:
Lists: pgsql-admin
Hi,

I have an interesting problem I hope to have help with. I am running PgSQL and there is a database user called 'admin' with all privileges and a password 'X' let's say. I am trying to move this server to use the local active directory server for authentication. Now, everyone depends on this 'admin' password being 'X' and there's no way I can simply add the user 'admin' to the AD server because there already is one.

Now, I know you can make a mapping like

System-username database-username

But, if I enable LDAP for all authentications, how does this work?

If I am user Y and I connect using PHP let's say DBConnect('admin', 'X') and I have the mapping that user Y can connect as admin, will it fail because the password was defined locally in pgSQL and not AD? Do I have to login as admin now with my own password and not admin's password?

- Evan

!



pgsql-admin by date

Next:From: A JDate: 2010-11-29 16:49:59
Subject: Extension for file management under postgres
Previous:From: Kevin GrittnerDate: 2010-11-29 14:59:34
Subject: Re: data mount point lost permissions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group