On Thu, Jan 20, 2011 at 2:45 PM, Andrew Dunstan <andrew@dunslane.net> wrote:
> Have you thought of trying to use an external auth source like LDAP for such
> a scheme?
I have thought about that, although LDAP is the only one that came to
mind (I don't know a whole lot of systems in detail, only by name...so
suggestions welcome for low-administrative-overhead variants). I also
briefly considered investigating what hooks I could exploit for auth &
auth; I do not know these very well right now. It would be ideal to
not have to run another full bore set of services to support phased
password rotation, though -- in this case it would still appear be
better, but frustrating to use the CREATE ROLE ... IN ROLE dance.
--
fdr