PostgreSQL authenticated against Microsoft Active Directory

  • Can I authenticate with Active Directory and get into PostgreSQL?

    Version: PostgreSQL 16.1 on Windows Server 2022. I'm running DBeaver Community (portable version) on Windows 11 and successfully connect using database user postgres.

    I found this doc that suggests using GSSAPI to authenticate against Microsoft Active Directory. Confused now if I should be using LDAP authentication of GSSAPI?

    Most youtube videos (here and here) are pointing to PGAdmin. I'm trying to see if I can connect with DBeaver or others with Microsoft AD.

    Any guidance or links to examples are appreciated.

    Thank you

  • Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

  • This was removed by the editor as SPAM

  • First comment on this, I think you will get more/better results on a PostgreSQL form than a SQL Server forum. That being said, PostgreSQL has documentation on authentication. Have you reviewed this already?

    Link in case you were unaware -

    As for which approach you use, it really depends on the requirements. Active Directory supports LDAP, but it really depends on your environment and configuration and requirements. If simple LDAP lookup against AD is acceptable, then you can use that. If you want it a bit more secure, then GSSAPI is a better approach.

    If you are looking for examples, those are provided in the official documentation. I would recommend that you start with the official documentation than random people on the internet. Plus there is a lot of internal setup that needs to be in place too such as firewall rules.

    The above is all just my opinion on what you should do. 
    As with all advice you find on a random internet forum - you shouldn't blindly follow it.  Always test on a test server to see if there is negative side effects before making changes to live!
    I recommend you NEVER run "random code" you found online on any system you care about UNLESS you understand and can verify the code OR you don't care if the code trashes your system.

Viewing 4 posts - 1 through 3 (of 3 total)

You must be logged in to reply to this topic. Login to reply