Re: Windows SIngle Sign On - LINUX Server

Marcus' guide looks great.

So what's the pros/cons of using the Kerberos via GSSAPI method, rather than going for the SingleSignOn method mentioned by Sunday?
________________________________________
From: SUNDAY A. OLUTAYO [olutayo(at)sadeeb(dot)com]
Sent: Saturday, 25 August 2012 12:00 a.m.
To: Craig Ringer
Cc: Jeremy Palmer; pgsql-general(at)postgresql(dot)org
Subject: Re: [GENERAL] Windows SIngle Sign On - LINUX Server

In real world deployment, LDAP and Kerbero are often combined for authentication and authorization.

The link below is a well documented howto:

https://help.ubuntu.com/community/SingleSignOn

Thanks,

Sunday Olutayo

----- Original Message -----
From: "Craig Ringer" <ringerc(at)ringerc(dot)id(dot)au>
To: "SUNDAY A. OLUTAYO" <olutayo(at)sadeeb(dot)com>
Cc: "Jeremy Palmer" <JPalmer(at)linz(dot)govt(dot)nz>, pgsql-general(at)postgresql(dot)org
Sent: Friday, August 24, 2012 12:48:01 PM
Subject: Re: [GENERAL] Windows SIngle Sign On - LINUX Server

On 08/24/2012 06:10 PM, SUNDAY A. OLUTAYO wrote:
> LDAP will be your best choice for SSO, Ubuntu Linux can authenticate against AD.

I'm not at all convinced by that. Active Directory functions as a
Kerberos KDC. Kerberos provides secure authentication and (unlike LDAP)
single sign-on.

http://technet.microsoft.com/en-us/library/bb742516.aspx

Use Kerberos via GSSAPI. Here's a good starting point by Marcus:

http://www.hagander.net/talks/Deploying%20PostgreSQL%20in%20a%20Windows%20Enterprise.pdf

--
Craig Ringer
This message contains information, which is confidential and may be subject to legal privilege. If you are not the intended recipient, you must not peruse, use, disseminate, distribute or copy this message. If you have received this message in error, please notify us immediately (Phone 0800 665 463 or info(at)linz(dot)govt(dot)nz) and destroy the original message. LINZ accepts no responsibility for changes to this email, or for any attachments, after its transmission from LINZ. Thank You.