| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Ivan Novick <inovick(at)pivotal(dot)io> |
| Cc: | pgadmin-support(at)lists(dot)postgresql(dot)org |
| Subject: | Re: multiple Kerberos Server Principals from 1 instance of pgadmin |
| Date: | 2019-08-15 23:54:02 |
| Message-ID: | 20190815235402.GR16436@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgadmin-support |
Greetings,
* Ivan Novick (inovick(at)pivotal(dot)io) wrote:
> We have a user that is working with postgres and greenplum and they said
> that pgadmin4 only allows one Kerberos Server Principal per pgAdmin
> instance because it takes the value of the environment variable
> PGKRBSRVNAME. Kerberos Server Principal value is the name of the user
> running Greenplum or Postgres database.
>
> The user is trying to connect to multiple databases and they have different
> user names in the installation like gpadmin. pgqa pgprod, etc. So they can
> not connect to both from one PGADMIN because the environment variable would
> need to be reset when starting pgadmin.
PGKRBSRVNAME is typically either 'postgres' or 'POSTGRES', depending on
if you are dealing with Active Directory clients or not. I agree that
it's theoretically possible that you might need to be able to configure
PGKRBSRVNAME on a per-server/cluster basis, but you definitely don't
need to be able to do so on a per-database basis and the PGKRBSRVNAME
has absolutely nothing to do with the user's username, nor the unix user
that the server actually runs as.
What, exactly, are you thinking that value would be set to?
Can you show what klist -k /path/to/keytab on the PG server returns?
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pierre Ochsenbein | 2019-08-16 11:27:04 | pgAdmin Citrix |
| Previous Message | Ivan Novick | 2019-08-15 23:16:09 | multiple Kerberos Server Principals from 1 instance of pgadmin |