Re: 9.6.9 Default configuration for a default installation butdifferent with-krb-srvnam

Поиск
Список
Период
Сортировка
От Stephen Frost
Тема Re: 9.6.9 Default configuration for a default installation butdifferent with-krb-srvnam
Дата
Msg-id 20190430022153.GP6197@tamriel.snowman.net
обсуждение исходный текст
Ответ на RE: 9.6.9 Default configuration for a default installation butdifferent with-krb-srvnam  (Jean-Philippe Chenel <jp.chenel@LIVE.CA>)
Список pgsql-general
Дерево обсуждения 
Greetings,

* Jean-Philippe Chenel (jp.chenel@LIVE.CA) wrote:
> You're absolutely right, the mapping work very well.

Great, glad to hear it.

> I've created 2 "service user" on Active Directory (postgres and postgres_dev), and generated the keytab like this:
>
> ktpass -out postgres_pg1.keytab -princ postgres/PGDOMT1.ad.com@AD.COM -mapUser AD\postgres -pass 'UserPass1' -mapOp
add-crypto ALL -ptype KRB5_NT_PRINCIPAL 
>
> ktpass -out postgres_pg2.keytab -princ postgres/PGDOMT2.ad.com@AD.COM -mapUser AD\postgres_dev -pass 'UserPass2'
-mapOpadd -crypto ALL -ptype KRB5_NT_PRINCIPAL 

I would strongly suggest you use passwords that are randomly generated
and not sent to a public, archived, mailing list.  If someone knows the
password, they can impersonate the server.

Thanks!

Stephen
Вложения

В списке pgsql-general по дате отправления:

Предыдущее
От: Jean-Philippe Chenel
Дата:
Сообщение: RE: 9.6.9 Default configuration for a default installation butdifferent with-krb-srvnam
Следующее
От: Daulat Ram
Дата:
Сообщение: ERROR: operator does not exist: timestamp without time zone +integer