Re: Feature request support MS Entra ID Authentication from On-premises PostreSQL server - Mailing list pgsql-hackers

@font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;}@font-face {font-family:Aptos;}p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; font-size:11.0pt; font-family:"Aptos",sans-serif; mso-ligatures:standardcontextual;}span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Aptos",sans-serif; color:windowtext;}.MsoChpDefault {mso-style-type:export-only; font-size:11.0pt;}div.WordSection1 {page:WordSection1;}

Hi all,

 

Don’t know if I got this to the right group.

 

Proposal Template For a New Feature

One-line Summary:  Feature request Natively integration support Azure Microsoft Entra ID for authentication from On-premises PostreSQL server.

 

Business Use-case: Explain the problem that you are trying to solve with the proposal.

Using new Authentciation method (entra ID) vs Ldap method for On-Premises PostgreSQL server databases.

 

User impact with the change:

Trying to stream line accounts so we only have one place for Users and accounts, for onboarding

and offboarding and our Echo system is starting to move to Azure, but we still have On-premises PostgresSQL servers.

 

Our Security groups want us to use new Authentication methods and have integration into MS Entra ID.

 

I know that I can from the Azure PostgreSQL log in with Azure Entra ID with psql.exe and pgAdmin 4 and have this working for the Azure PostgreSQl database.

But have not found a way to do this with our On-premises PostgreSQL server databases.

There may be a method for  already doing this but I have not found it, and I am very new to PostgreSQL.

 

What is the difference between this and ActiveDirectory? AD is already usable as an authentication mechanism. See for example <https://www.crunchydata.com/blog/windows-active-directory-postgresql-gssapi-kerberos-authentication>

cheers

andrew

--
Andrew Dunstan
EDB: https://www.enterprisedb.com