From: | Stephen Frost <sfrost(at)snowman(dot)net> |
---|---|
To: | John Scalia <jayknowsunix(at)gmail(dot)com> |
Cc: | Azimuddin Mohammed <azimeiu(at)gmail(dot)com>, pgsql-admin(at)postgresql(dot)org, pgsql-general(at)postgresql(dot)org, pgsql-admin(at)lists(dot)postgresql(dot)org |
Subject: | Re: LDAP for postgres |
Date: | 2018-02-07 21:18:48 |
Message-ID: | 20180207211848.GV2416@tamriel.snowman.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin pgsql-general |
Greetings,
Please don't top-post. I'd also suggest not cross-posting.
* John Scalia (jayknowsunix(at)gmail(dot)com) wrote:
> You’ll need to setup your pg_hba.conf file for LDAP. There are several different ways to do this, but a lot depends on how your LDAP server is setup. It’s impossible to really accurately say what you’ll need in that file.
If you are working in an Active Directory environment, you should really
be using Kerberos/GSSAPI, not LDAP. This is done by specifying 'gssapi'
in your pg_hba.conf.
Using LDAP for auth isn't secure and isn't necessary in an Active
Directory environment. If you are running an LDAP-only environment then
you should really be considering deployment of a proper authentication
system, such as MIT Kerberos or Heimdal Kerberos.
Thanks!
Stephen
From | Date | Subject | |
---|---|---|---|
Next Message | Adrian Klaver | 2018-02-07 23:29:36 | Re: Fwd: postgres instalation |
Previous Message | John Scalia | 2018-02-07 21:13:15 | Re: LDAP for postgres |
From | Date | Subject | |
---|---|---|---|
Next Message | Tomas Vondra | 2018-02-07 21:18:49 | Re: Critical errors during logical decoding |
Previous Message | John Scalia | 2018-02-07 21:13:15 | Re: LDAP for postgres |