Home > mailing lists

Re: unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf" - Mailing list pgsql-admin

From	Stephen Frost
Subject	Re: unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf"
Date	November 6, 2023 17:27:46
Msg-id	ZUkiEvdaOYjAvY/U@tamriel.snowman.net Whole thread Raw
In response to	unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf" (Bernd Lentes <bernd.lentes@helmholtz-muenchen.de>)
List	pgsql-admin

Tree view

Greetings,

* Bernd Lentes (bernd.lentes@helmholtz-muenchen.de) wrote:
> i'm trying to use LDAP to authenticate Postgres against a Windows AD. On elder versions it succeeded.

You really shouldn't use the 'ldap' auth method in PostgreSQL as it
involves passing around a cleartext password to work.

With Windows AD, you can use Kerberos which is what all of the Microsoft
applications use for authentication too, avoids users having to ever
enter in their password, avoids having users end up saving their domain
password into cliet tools like pgAdmin, and is just overall far, far,
better and much more secure.

Note that in PostgreSQL, the Kerberos auth method is 'gssapi'.

Thanks,

Stephen

Attachment

signature.asc

pgsql-admin by date:

From: kaido vaikla
Date: 06 November 2023, 08:04:41
Subject: Re: Frequent failover

From: Sbob
Date: 07 November 2023, 04:15:12
Subject: TRIGGER on a FOREIGN Table?

Re: unrecognized configuration parameter "ldapbinddn" in file "/var/lib/pgsql/data/postgresql.conf" - Mailing list pgsql-admin

Attachment

Previous

Next