Shaun, * Shaun Thomas (sthomas@xxxxxxxxxxxxxxxx) wrote: > We're wanting to implement a more secure password policy, and so > have considered switching to LDAP/Active Directory for passwords. Don't use the LDAP side of AD, use the Kerberos side. Using LDAP for auth against AD is terrible and is only available because of backwards compatibility for broken, non-Kerberized applications. AD and Kerberos and PostgreSQL play very well these days and provides for true SSO. Thanks, Stephen
Attachment:
signature.asc
Description: Digital signature
