| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Scot Kreienkamp <SKreien(at)la-z-boy(dot)com>, ray <ray(at)teladesign(dot)ie>, pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: slightly off-topic: Central Auth |
| Date: | 2009-10-16 22:49:37 |
| Message-ID: | 9837222c0910161549r690145c0ife2253054c7ceb8d@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
2009/10/17 Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>:
> If you decide to go with this approach and use PAM as intermediary,
> you'll need the patch I just committed in response to bug #5121 --- it
> turns out nobody had ever tried that with Postgres before :-(. But
> I think it's also possible to just use PG's native Kerberos support
> with AD, which would explain why nobody had tried it.
It most definitely is possible. Note that the recommendation is to
use GSSAPI with Kerberos and not the native "krb5" authentication for
tihs if possible.
--
Magnus Hagander
Me: http://www.hagander.net/
Work: http://www.redpill-linpro.com/
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dennis Gearon | 2009-10-16 23:43:00 | pgadmin3 hangs during dump |
| Previous Message | Tom Lane | 2009-10-16 22:40:17 | Re: slightly off-topic: Central Auth |