Thread: Requesting Information for GSSAPI

Requesting Information for GSSAPI

From
Lingesan Jeyapandy
Date:

Team,

 

We have configured postgres GSSAPI setup on Linux server.   We have huge domain AD users in our org.

 

But we are looking to limit access only to setup AD distributed groups. Is there any way to control access only at AD distribution list user can only access gssapi configured postgres environment.

 

Our postgres version is 15.

 

 

Regards,

 

Lingesan Jeyapandy

 

 

Re: Requesting Information for GSSAPI

From
Stephen Frost
Date:
Greetings,

* Lingesan Jeyapandy (...) wrote:
> We have configured postgres GSSAPI setup on Linux server.   We have huge domain AD users in our org.
>
> But we are looking to limit access only to setup AD distributed groups. Is there any way to control access only at AD
distributionlist user can only access gssapi configured postgres environment. 
>
> Our postgres version is 15.

To be able to log into the PG server, an account in PG has to exist.  If
it doesn't, then the user won't be able to log in.

There are some options for sync'ing specific AD groups into PG
accounts, eg:

https://github.com/larskanis/pg-ldap-sync

Thanks,

Stephen

Attachment