From: | Andrew Dunstan <andrew(at)dunslane(dot)net> |
---|---|
To: | rs(dot)trevk(at)gmail(dot)com, pgsql-hackers(at)lists(dot)postgresql(dot)org |
Subject: | Re: Feature request support MS Entra ID Authentication from On-premises PostreSQL server |
Date: | 2024-02-11 15:01:51 |
Message-ID: | f331f33c-b897-5436-c667-e50b3e53244f@dunslane.net |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On 2024-02-10 Sa 12:26, rs(dot)trevk(at)gmail(dot)com wrote:
>
> Hi all,
>
> Don’t know if I got this to the right group.
>
> Proposal Template For a New Feature
>
> One-line Summary: Feature request Natively integration support Azure
> Microsoft Entra ID for authentication from On-premises PostreSQL server.
>
> Business Use-case: Explain the problem that you are trying to solve
> with the proposal.
>
> Using new Authentciation method (entra ID) vs Ldap method for
> On-Premises PostgreSQL server databases.
>
> User impact with the change:
>
> Trying to stream line accounts so we only have one place for Users and
> accounts, for onboarding
>
> and offboarding and our Echo system is starting to move to Azure, but
> we still have On-premises PostgresSQL servers.
>
> Our Security groups want us to use new Authentication methods and have
> integration into MS Entra ID.
>
> I know that I can from the Azure PostgreSQL log in with Azure Entra ID
> with psql.exe and pgAdmin 4 and have this working for the Azure
> PostgreSQl database.
>
> But have not found a way to do this with our On-premises PostgreSQL
> server databases.
>
> There may be a method for already doing this but I have not found it,
> and I am very new to PostgreSQL.
>
What is the difference between this and ActiveDirectory? AD is already
usable as an authentication mechanism. See for example
<https://www.crunchydata.com/blog/windows-active-directory-postgresql-gssapi-kerberos-authentication>
cheers
andrew
--
Andrew Dunstan
EDB:https://www.enterprisedb.com
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2024-02-11 16:34:11 | Re: Collation version tracking for macOS |
Previous Message | Mats Kindahl | 2024-02-11 14:44:42 | Re: glibc qsort() vulnerability |