My project to integrate PostgreSQL with Active Directory is progressing nicely.
(Yes, this is a good thing. MS SQL Server has "Integrated Security" which means it leverages the exsting Windows login to automatically access the database without a separate password. In a domain environment (read corporate environment), this is usually a very good thing. Having similar functionality in PostgreSQL helps make migration easier.)
Once the patches that were included in 8.0.2 got in, the remaining job wasn't very hard. Getting basic kerberos interoperability working was a lot easier now than last time I tried it, lots of progress made on the kerberos distributions there.
So far it only works if your server runs on Linux (or any unix should work - the point is that the win32 native server currently does not work). The clients can run either Windows or Unix. It requires the clients to use libpq (which means perhaps it works with the OLE DB driver since it's based on libpq - I need to test that).
It also requires the server and libpq to be recompiled with a different compile option. I'm going to be working on a patch for 8.1 to solve that.
A HOWTO document will be written once I've ironed out the last parts of the process. What I have now is enough for me to deploy to a set of about 30 users for 10dbs, but the build instructions are not exactly clear ATM.
Oh, and big thanks to Dave and the pgAdmin team for putting out 1.2.1 so quickly which had a fix required for Kerberos authentication to work.
New comments can no longer be posted on this entry.