Greetings, * Jean-Philippe Chenel (jp.che...@live.ca) wrote: > You're absolutely right, the mapping work very well.
Great, glad to hear it. > I've created 2 "service user" on Active Directory (postgres and > postgres_dev), and generated the keytab like this: > > ktpass -out postgres_pg1.keytab -princ postgres/pgdomt1.ad....@ad.com > -mapUser AD\postgres -pass 'UserPass1' -mapOp add -crypto ALL -ptype > KRB5_NT_PRINCIPAL > > ktpass -out postgres_pg2.keytab -princ postgres/pgdomt2.ad....@ad.com > -mapUser AD\postgres_dev -pass 'UserPass2' -mapOp add -crypto ALL -ptype > KRB5_NT_PRINCIPAL I would strongly suggest you use passwords that are randomly generated and not sent to a public, archived, mailing list. If someone knows the password, they can impersonate the server. Thanks! Stephen
signature.asc
Description: PGP signature
