Re: multiple Kerberos Server Principals from 1 instance of pgadmin
| От | Stephen Frost |
|---|---|
| Тема | Re: multiple Kerberos Server Principals from 1 instance of pgadmin |
| Дата | |
| Msg-id | 20190816195730.GZ16436@tamriel.snowman.net обсуждение исходный текст |
| Ответ на | Re: multiple Kerberos Server Principals from 1 instance of pgadmin (Ivan Novick <inovick@pivotal.io>) |
| Список | pgadmin-support |
Greetings, * Ivan Novick (inovick@pivotal.io) wrote: > For greenplum database it would be gpadmin instead of postgres I see... I find that pretty odd- why would you change that? I suppose it's baked in at this point though, which is unfortunate. If it talks the PG protocol and is expected to be the only service on a given host, it really should be 'postgres' imv. > > PGKRBSRVNAME is typically either 'postgres' or 'POSTGRES', depending on > > if you are dealing with Active Directory clients or not. I agree that > > it's theoretically possible that you might need to be able to configure > > PGKRBSRVNAME on a per-server/cluster basis, but you definitely don't > > need to be able to do so on a per-database basis and the PGKRBSRVNAME > > has absolutely nothing to do with the user's username, nor the unix user > > that the server actually runs as. > > > > What, exactly, are you thinking that value would be set to? > > > > Can you show what klist -k /path/to/keytab on the PG server returns? > > You can see here a sample output that gpadmin is referenced. > klist -k /var/spool/keytabs/gpadmin > > Keytab name: FILE:/var/spool/keytabs/gpadmin > > KVNO Timestamp Principal > ---- ----------------- > -------------------------------------------------------- > 2 04/09/15 06:56:33 gpadmin/srv101.prd21.acme.com@is1.acme > 2 04/09/15 06:56:33 gpadmin/srv101.prd21.acme.com@is1.acme > 2 04/09/15 06:56:33 gpadmin/srv101.prd21.acme.com@is1.acme > 2 04/09/15 06:56:33 gpadmin/srv101.prd21.acme.com@is1.acme Thanks, that helps clarify what you're going for here. > What would help a lot is when setting up the Server properties in pgadmin4 > if we could add a PGKRBSRVNAME variable so it can be different for each > server. > > Does that make sense? Yes, having it configurable in the Server properties makes sense. > If the idea makes sense and is agreed, i could probably find a developer > that would be interested to help code it up and submit. I can't speak to how it should be exactly implemented in pgAdmin, but I would think having it configurable as a Server property and then passed into the connection string as a parameter would make the most sense. Going the environment variable route seems like it would be odd to me, but I don't hack pgAdmin much. :) Great! Thanks, Stephen
Вложения
В списке pgadmin-support по дате отправления: