I have some code that I've been using that supports adding and authenticating Windows groups via the pg_ident file. This is useful for sysadmins as it lets them control database access outside the database using Windows groups. It has a new indicator (+), that signifies the identifier is a Windows group, as in the following example:
# MAPNAME SYSTEM-USERNAME PG-USERNAME "Users" "+User group" postgres A new function was added to test if a user token is in the windows group: /* * Check if the user (sspiToken) is a member of the specified group */ static BOOL sspi_user_is_in_group(HANDLE sspiToken, LPCTSTR groupName) Attached is the patch. thanks, Russell Foster
0001-Add-support-for-Windows-groups-in-SSPI-authenticatio.patch
Description: Binary data
