Re: unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf"

Поиск
Список
Период
Сортировка
От Stephen Frost
Тема Re: unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf"
Дата
Msg-id ZUkiEvdaOYjAvY/U@tamriel.snowman.net
обсуждение исходный текст
Ответ на unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf"  (Bernd Lentes <bernd.lentes@helmholtz-muenchen.de>)
Список pgsql-admin
Greetings,

* Bernd Lentes (bernd.lentes@helmholtz-muenchen.de) wrote:
> i'm trying to use LDAP to authenticate Postgres against a Windows AD. On elder versions it succeeded.

You really shouldn't use the 'ldap' auth method in PostgreSQL as it
involves passing around a cleartext password to work.

With Windows AD, you can use Kerberos which is what all of the Microsoft
applications use for authentication too, avoids users having to ever
enter in their password, avoids having users end up saving their domain
password into cliet tools like pgAdmin, and is just overall far, far,
better and much more secure.

Note that in PostgreSQL, the Kerberos auth method is 'gssapi'.

Thanks,

Stephen

Вложения

В списке pgsql-admin по дате отправления:

Предыдущее
От: kaido vaikla
Дата:
Сообщение: Re: Frequent failover
Следующее
От: Sbob
Дата:
Сообщение: TRIGGER on a FOREIGN Table?