Good day to all. I would like to seek your professional help and advice.
I am attempting to configure Windows authentication on the Red Hat Linux server to connect to Windows AD. I chose the GSSAPI authentication method, but unfortunately, it is not working. May I ask a few questions:
What is the recommended authentication method from PostgreSQL if we want to use Windows authentication from Linux?
Do I need to generate a keytab file for every user or do I need to modify the /etc/krb5.keytab file one time only?
Do I need to remote to Windows AD and generate the keytab file or generate from Postgres Linux server itself?
Do I need to set up the Linux server domain name the same as the username domain name, e.g., [serverName@domainname.com] and domainname/username?
According to PostgreSQL 15 (hostgssenc - This record matches connection attempts made using TCP/IP but only when the connection is made with GSSAPI encryption. To make use of this option, the server must be built with GSSAPI support. Otherwise, the hostgssenc record is ignored, except for logging a warning that it cannot match any connections.) - which kind of components should Linux OS install to use GSSAPI authentication?". Recently my Linux OS only can find cyrus-sasl-gssapi.x86_64 rsyslog-gssapi.x86_64.
