LDAP using Active Directory

From: Michael Gould <mgould(at)intermodalsoftwaresolutions(dot)net>
To: Postgres General Postgres General <pgsql-general(at)postgresql(dot)org>
Subject: LDAP using Active Directory
Date: 2009-08-05 16:47:16
Message-ID: 01629825e5d71b54dc6eeb7a00b97cf5@intermodalsoftwaresolutions.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-general


I am wondering how others handle the login situation. We use Active
Directory and require our users to change their passwords every 30 days.
Currently in our old system using SQL Anywhere we use the integrated login
feature. Our db server is Windows 2003 R2

I believe we can mimic this in Postgres.

What are peoples feelings about using passwords in Postgres in this
situation? We know that only people authenticated to access our servers are
actually getting logged in. All of our users must login through Citrix and
access our system via our Citrix web page login.

We I do not believe we can capture the password from Active Directory that
the user types so I really do not want to use a password on the Postgres
side. We do have application level security also which only allows certain
users (same as the login id) access to the allowed area's within the system
and only at the level of access prescribed within the system.

What are others thoughts on this. With SQL Anywhere if you are using
integrated logins, you need to enter a password when the account is first
defined to the database but it is bypassed from that point forward unless
you remove their access to use integrated logins.

Best Regards
--
Michael Gould, Managing Partner
Intermodal Software Solutions, LLC
904.226.0978
904.592.5250 fax

In response to

Responses

Browse pgsql-general by date

  From Date Subject
Next Message Scott Marlowe 2009-08-05 17:27:52 Re: Update Query doesn't affect all records
Previous Message Richard Esmonde 2009-08-05 16:22:26 PostGres Config to Authenticate against AD over LDAP