Postgres Pro
Downloads
Home   >   mailing lists

SUM - Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT... - Mailing list pgsql-novice

From Greg Cocks
Subject SUM - Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...
Date
Msg-id 66F6CF82BF58CE4DB4285BE816B297E8C72AE8@tribble.SMStoller.com
Whole thread Raw
In response to Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...  ("Greg Cocks" <gcocks@stoller.com>)
List pgsql-novice
Tree view
Hello,
 
Thank you for the suggestions...
 
Background - I am working in a Windows environment, am a geologist by training and primarily focused on scientific data management and sharing, including via web pages (PHP, etc) that I construct...
 
Although the LDAP suggestions were intriguing, I unfortunately don't feel that I (currently at least) have the time to get into what seems like a very IT specific area...
 
Even with the stated and recognised "tomanymovingparts', I went with...
 
 - having IT dump the AD user contents into a pipe-delimited text field in a secure spot on 'my' web/database server on a nightly basis (yes, on the same virtual server - hey, we are a smallish operation!  ;)  )
 
 - installed pgAgent
 
 - wrote some simple SQL (TRUNCATE, COPY...) to clear out and reload my "AD copy" (sic) table in my database
 
 - added a pgAgent job to have this SQL 'work', again on a nightly basis 1 hour after the IT script created the text file 'dump' (note that I found I had to upgrade pgAdmin from v1.10.0 to 1.10.1, else trying to set up the job in pgAgent caused pgAdmin to crash (the power of Googling.. again...))
 
 - went ahead and moved my backups from *.bat files initiated by Windows Task Scheduler ---> pgAgent jobs (easier to manage, all in the one place, etc)
 
Again, thanks...
 
----------
Regards,
GREG COCKS
Data Management Specialist / Scientist / GIS Analyst IV
gcocks@stoller.com
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell

From: Greg Cocks [mailto:gcocks@stoller.com]
Sent: Tue 2/23/2010 4:00 PM
To: pgsql-novice@postgresql.org
Cc: Pete Humphrey
Subject: [NOVICE] Seeking experiences 'accessing' Microsoft Active Directory credentials from PostgreSQL, in conjunction with the sys admin / IT...

Hello,

 

I have been doing some reading and working with the IT staff here to be able to get (read-only) accessibility in PostgreSQL to the Active Directory credentials for a Microsoft network – UID, fname, lname, etc (not the PWID of course!)

 

I would appreciate any suggestions on the most workable and dynamic approach…

 

My initial two thoughts were:

  • Have IT write a script to dump the AS credentials as, say, a delimited text file to a (secure) location on a nightly basis (an often enough frequency for my purposes) – and have PostgreSQL dynamically link, with the right credentials, to that network location with their text file/s (including ‘recognising’ when the file/s change)
  • A ‘direct’ read-only connection (without comprising the network security), but of what sort? I have no experience in how AD stores and shares its info, bit am happy to learn what is needed (IT has a lot of knowledge of course, but don’t use PostgreSQL)

 

Thanks in advance for any help…

 

Some new things to learn, always a good thing - hence what seems like a possibly vague / broad request…

 

----------
Regards,

Greg Cocks

Licensed Geologist, WA#415

Data Management & GIS Analyst
gcocks@stoller.com
S. M. Stoller Corp
105 Technology Drive, Suite 190
Broomfield, CO 80021
www.stoller.com
303-546-4300
303-443-1408 fax
303-546-4422 direct
303-828-7576 cell

 

pgsql-novice by date:

Previous
From: Michael Wood
Date:
Subject: Re: a query problem
Next
From: venkatrao.b@tcs.com
Date:
Subject: Re: a query problem