Good afternoon fellows, it been a while.
I have been pondering on the idea of using Active Directory with PostgreSQL and xTuple.
I have reviewed the article found here:
Authenticating through LDAP
This describes loading users and groups into xtuple using psycopg and python-ldap and setting the pg_hba to send authentication requests to ldap. While this seems like a fine approach, I was thinking about sending my authentication request to PAM to be handled by sssd, krb5, and samba and thus AD.
I have had a lot of luck with the sssd, krb5, and samba stack as I plan to use this backend for some aspcore web applications elsewhere in the environment.
Does this sound like something that can work?
When does that ldap python script get used?