Thread: Request for help

Hi,

We have recently converted our db2 database to PostgreSQL and we stuck on one thing I,e Authentication of users.

Let me explain what was in DB2,

We have a unix group "mhubrpt" on DB2 unix server and have connect permissions to DB2 database for that group.
Whenever user needs access to DB2 database we will add that user to DB2 unix server and assign to group mhubrpt, then
userwas getting access to DB2 database. 
If user wants to connect DB2 database through graphical tool like Toad from any other windows operated machine he used
togive unix server login credential (userid and password) at Tool. 

We are planning to maintain same type of authentication in PostgreSQL, can you please help us.

Thanks,
Veera

Sent from my iPhone

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Am 09.08.2013 21:49, schrieb ramanajvv@gmail.com:
> We have recently converted our db2 database to PostgreSQL and we
> stuck on one thing I,e Authentication of users.
>
> Let me explain what was in DB2,
>
> We have a unix group "mhubrpt" on DB2 unix server and have connect
> permissions to DB2 database for that group. Whenever user needs
> access to DB2 database we will add that user to DB2 unix server and
> assign to group mhubrpt, then user was getting access to DB2
> database. If user wants to connect DB2 database through graphical
> tool like Toad from any other windows operated machine he used to
> give unix server login credential (userid and password) at Tool.
>
> We are planning to maintain same type of authentication in
> PostgreSQL, can you please help us.

PostgreSQL does not use - different to e.g. Informix and DB2 - use the
user administration of the underlying operating system.
You can achieve what you described just by adding users as a
postgresql login role and giving them connect and other priviliges
(e.g. SELECT, etc) on the databse, schema, table... etc as you like.
Using a "group" role might ease your privilige administration.

http://www.postgresql.org/docs/9.2/static/user-manag.html

Hope this helps

Jan

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/

iQEcBAEBAgAGBQJSBU6QAAoJEIJ7qif/sHv9YFMIAIx3H4vhJRk7N6SphvaYLe2Z
JopPwMDIBWNJL82iXD/tT/eSYmy9g/7sZGsFY/xpbHNXqOuJnQVw886JCi0I6jWH
2ibm9kI/nIK+/xSxLWJJJNzlE7iwxZoczIxcDMSi0+tZmy9EuyPdpr6K4r+cskCH
BIgxJ3HPCDuXTOlyvKow/iK47lZyNilBEvqauUH9lfl5B2sRkKrnOWOjiITdZzCg
pNJ4oYIg/Qc0hisZYjvTHXnMEv0GWAuKfrJ9FQ/v3YLLx4C05GFxbSAwUA2yzmDF
IyfhP9m//wjoozLoQSvqs3p6J50ivot5e/zCO/FUv3/e73eJdHLYzFrUrEXs+Fs=
=Twlz
-----END PGP SIGNATURE-----

* ramanajvv@gmail.com wrote:

> We have a unix group "mhubrpt" on DB2 unix server and have connect permissions to DB2 database for that group.
> Whenever user needs access to DB2 database we will add that user to DB2 unix server and assign to group mhubrpt, then
userwas getting access to DB2 database. 
> If user wants to connect DB2 database through graphical tool like Toad from any other windows operated machine he
usedto give unix server login credential (userid and password) at Tool. 
>
> We are planning to maintain same type of authentication in PostgreSQL, can you please help us.

You should be able to use PAM authentication, but you will have to
duplicate the users/groups in the database as well because PostgreSQL
does not refer to the system's user accounts.

If you want to create users in only one place, that must be the database.

--
Christian