From: | "Lentes, Bernd" <bernd(dot)lentes(at)helmholtz-muenchen(dot)de> |
---|---|
To: | pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | User Authentication: LDAP and "local" accounts concurrently ? |
Date: | 2018-11-23 14:36:42 |
Message-ID: | 1819852155.20922807.1542983802608.JavaMail.zimbra@helmholtz-muenchen.de |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Hi,
i created a Postgres Server 9.6 on a SLES 12 SP3 box. In our institution we have a Windows ADS which i like to use to authenticate users via LDAP. But because there are several prerequisites to create such an account, which make things
sometime complicated, i also like to create "local" users (users defined in the postgres DB itself).
Is it possible to use both concurrently ? Some users autheticate via LDAP, others local.
From what i read in the doc it does not seem to work:
"Each record specifies a connection type, a client IP address range (if relevant for the connection type),
a database name, a user name, and the authentication method to be used for connections matching
these parameters. The first record with a matching connection type, client address, requested database,
and user name is used to perform authentication.
====> There is no “fall-through” or “backup”: if one record
is chosen and the authentication fails, subsequent records are not considered. If no record matches,
access is denied. <=====
But maybe i misunderstood that.
Bernd
--
Bernd Lentes
Systemadministration
Institut für Entwicklungsgenetik
Gebäude 35.34 - Raum 208
HelmholtzZentrum münchen
[ mailto:bernd(dot)lentes(at)helmholtz-muenchen(dot)de | bernd(dot)lentes(at)helmholtz-muenchen(dot)de ]
phone: +49 89 3187 1241
fax: +49 89 3187 2294
[ http://www.helmholtz-muenchen.de/idg | http://www.helmholtz-muenchen.de/idg ]
wer Fehler macht kann etwas lernen
wer nichts macht kann auch nichts lernen
Helmholtz Zentrum Muenchen
Deutsches Forschungszentrum fuer Gesundheit und Umwelt (GmbH)
Ingolstaedter Landstr. 1
85764 Neuherberg
www.helmholtz-muenchen.de
Aufsichtsratsvorsitzende: MinDirig.in Petra Steiner-Hoffmann
Stellv.Aufsichtsratsvorsitzender: MinDirig. Dr. Manfred Wolter
Geschaeftsfuehrer: Prof. Dr. med. Dr. h.c. Matthias Tschoep, Heinrich Bassler, Dr. rer. nat. Alfons Enhsen
Registergericht: Amtsgericht Muenchen HRB 6466
USt-IdNr: DE 129521671
From | Date | Subject | |
---|---|---|---|
Next Message | Tom Lane | 2018-11-23 14:47:36 | Re: User Authentication: LDAP and "local" accounts concurrently ? |
Previous Message | AYahorau | 2018-11-23 14:31:18 | Re: Logical replication monitoring |