Thread: Centralized User Management Tool?
Howdy, Does anyone know of any tools or methods to handle centralized user management within postgres? I've got about 20 DB servers (and growing) each requiring a different number and level of user access (think dev, qa, staging, production, etc.) Corporate security guidelines state that all users need to have their own login, and since we work with sensitive data, that extends down into the developers space. I know i can authenticate using PAM on linux, however that still requires a user to get created in the DB. (I'm looking for a tool that helps manage that user creation portion) Thanks Dave
On Wed, 2010-09-29 at 14:21 -0700, David Kerr wrote: > Howdy, > > Does anyone know of any tools or methods to handle centralized user management within postgres? > > I've got about 20 DB servers (and growing) each requiring a different number and level of user access > (think dev, qa, staging, production, etc.) > > Corporate security guidelines state that all users need to have their own login, and since we > work with sensitive data, that extends down into the developers space. > > I know i can authenticate using PAM on linux, however that still requires a user to get created in > the DB. (I'm looking for a tool that helps manage that user creation portion) ldap > > Thanks > > Dave > -- PostgreSQL.org Major Contributor Command Prompt, Inc: http://www.commandprompt.com/ - 509.416.6579 Consulting, Training, Support, Custom Development, Engineering http://twitter.com/cmdpromptinc | http://identi.ca/commandprompt
On Wed, Sep 29, 2010 at 02:23:14PM -0700, Joshua D. Drake wrote: - > Howdy, - > - > Does anyone know of any tools or methods to handle centralized user management within postgres? - > - > I've got about 20 DB servers (and growing) each requiring a different number and level of user access - > (think dev, qa, staging, production, etc.) - > - > Corporate security guidelines state that all users need to have their own login, and since we - > work with sensitive data, that extends down into the developers space. - > - > I know i can authenticate using PAM on linux, however that still requires a user to get created in - > the DB. (I'm looking for a tool that helps manage that user creation portion) - - ldap oh, great! i thought that fell under the "authenticate" but not "authorize" umbrella. thanks! Dave
On Wed, 2010-09-29 at 14:21 -0700, David Kerr wrote: > Howdy, > > Does anyone know of any tools or methods to handle centralized user management within postgres? > > I've got about 20 DB servers (and growing) each requiring a different number and level of user access > (think dev, qa, staging, production, etc.) > > Corporate security guidelines state that all users need to have their own login, and since we > work with sensitive data, that extends down into the developers space. > > I know i can authenticate using PAM on linux, however that still requires a user to get created in > the DB. (I'm looking for a tool that helps manage that user creation portion) ldap > > Thanks > > Dave > -- PostgreSQL.org Major Contributor Command Prompt, Inc: http://www.commandprompt.com/ - 509.416.6579 Consulting, Training, Support, Custom Development, Engineering http://twitter.com/cmdpromptinc | http://identi.ca/commandprompt