Discussion: Feature request support MS Entra ID Authentication from On-premises PostgreSQL server

Hi all,

Don’t know if I got this to the right group.

Proposal Template For a New Feature

One-line Summary: Feature request: native integration support for Azure Microsoft Entra ID authentication from On-premises PostgreSQL server.

Business Use-case: Explain the problem that you are trying to solve with the proposal.

Using new Authentication method (Entra ID) vs LDAP method for On-Premises PostgreSQL server databases.

User impact with the change:

Trying to streamline accounts so we only have one place for Users and accounts, for onboarding and offboarding, and our ecosystem is starting to move to Azure, but we still have On-premises PostgreSQL servers.

Our Security groups want us to use new Authentication methods and have integration into MS Entra ID.

I know that from the Azure PostgreSQL I can log in with Azure Entra ID with psql.exe and pgAdmin 4, and I have this working for the Azure PostgreSQL database.

But I have not found a way to do this with our On-premises PostgreSQL server databases.

There may already be a method for doing this, but I have not found it, and I am very new to PostgreSQL.

Thanks

Trevor.

Re: Feature request support MS Entra ID Authentication from On-premises PostgreSQL server

From
Andrew Dunstan
Date:


On 2024-02-10 Sa 12:26, rs.trevk@gmail.com wrote:

> Hi all,
>
> Don’t know if I got this to the right group.
>
> Proposal Template For a New Feature
>
> One-line Summary: Feature request: native integration support for Azure Microsoft Entra ID authentication from On-premises PostgreSQL server.
>
> Business Use-case: Explain the problem that you are trying to solve with the proposal.
>
> Using new Authentication method (Entra ID) vs LDAP method for On-Premises PostgreSQL server databases.
>
> User impact with the change:
>
> Trying to streamline accounts so we only have one place for Users and accounts, for onboarding and offboarding, and our ecosystem is starting to move to Azure, but we still have On-premises PostgreSQL servers.
>
> Our Security groups want us to use new Authentication methods and have integration into MS Entra ID.
>
> I know that from the Azure PostgreSQL I can log in with Azure Entra ID with psql.exe and pgAdmin 4, and I have this working for the Azure PostgreSQL database.
>
> But I have not found a way to do this with our On-premises PostgreSQL server databases.
>
> There may already be a method for doing this, but I have not found it, and I am very new to PostgreSQL.

What is the difference between this and ActiveDirectory? AD is already usable as an authentication mechanism. See for example <https://www.crunchydata.com/blog/windows-active-directory-postgresql-gssapi-kerberos-authentication>


cheers


andrew

--
Andrew Dunstan
EDB: https://www.enterprisedb.com

Azure Postgres login authentication:

This is how I do it for the Azure PostgreSQL. I will have to test to see if it will log in the same way, as I need to be able to get the token from Azure and pass that in as the password for the User/group account in the on-prem database.

Thanks for the link,

If anyone else has been able to authenticate on-prem PostgreSQL against Microsoft Entra ID and has the steps to do this, that would also be good news.

From: Andrew Dunstan <andrew@dunslane.net>
Sent: Sunday, February 11, 2024 8:02 AM
To: rs.trevk@gmail.com; pgsql-hackers@lists.postgresql.org
Subject: Re: Feature request support MS Entra ID Authentication from On-premises PostgreSQL server

Re: Feature request support MS Entra ID Authentication from On-premises PostgreSQL server

From
Trevor Kohlman
Date:
Hi Andrew,
Thank you very much for your email. Additional info:
This is what I have been able to set up for the Azure Flexserver PostgreSQL:
image.png
And this is what I am trying to do (just drew the bottom two diagrams), so that we have one way to log in for all users and/or apps.
image.png
Flexserver PostgreSQL has an MS Extension for PostgreSQL that has the pgaadauth extension, which I think takes care of the login info.

On Sun, Feb 11, 2024 at 4:12 PM <rs.trevk@gmail.com> wrote:
