Password Synchronization with PostgreSQL Server

ADSelfService Plus’ Real-time Password Synchronizer helps ensure users have only one password between different applications to reduce password related issues. This means, every time a user resets or changes their Active Directory password, the new password will automatically be synced with the user’s PostgreSQL account.

Prerequisites:

Required privilege: PostgreSQL user account that is to be configured should either be a SUPERUSER or have CREATEROLE privileges.
ADSelfService Plus supports PostgreSQL versions 9.2 and above. If the PostgreSQL server with which we are to sync Active Directory passwords is installed in another machine, follow the step given below:
1. Edit the pg_hba.conf file (Location: C:\Program Files\PostgreSQL\9.x\data) by configuring the following attributes to specific values. host <database_name> <user> <IP address> <authentication_type>
2. <database_name> (Enter the name of a database that you want to access in the PostgreSQL server)
3. <user> (Enter the name of the user to whom you want to provide access to the entered database)
4. <IP address> (Enter the IP address of the machine in which ADSelfService Plus is deployed)
5. <authentication_type> (Type ‘trust’ to provide unconditional access to the database or type 'MD5' if you want the user to enter password during the authentication process.)

Note:

Use the tab key as the delimiter. If there are any other spaces other than a tab between the values, the configuration will not work.
Install the Password Sync Agent to synchronize native password changes and resets.

Configuration steps

Log into ADSelfService Plus admin console with admin credentials.
Navigate to Configuration → Self-Service → Password Sync/ Single Sign On.
Select the PostgreSQL application.
Note: You can also find PostgreSQL application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
Enter the Application Name and Description.
In the Assign Policies field, select the policies for which password sync need to be enabled.
Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
Select Enable Password Sync.
Enter the System Name/IP Address of the server on which PostgreSQL Server instance is deployed.
Enter the name of the PostgreSQL Database for which the password sync is to be configured.
Enter the Port Number used by the PostgreSQL.
Enter the User Name and Password of the PostgreSQL user account.
Click Add Application.

Troubleshooting steps

Error: Connection refused or Invalid System Name or Port Number

Ensure that you have typed the port number used by the targeted PostgreSQL server instance.
Check if the port in the remote server is reachable using the telnet command.

telnet hostName/ipaddress portnumber
Check the status of the PostgreSQL server. If it is shutdown, start it. Check if the PostgreSQL server is reachable. If it is unreachable, check the network connections.

Previous Topic Next Topic

Thanks!

Your request has been submitted to the ADSelfService Plus technical support team. Our technical support people will assist you at the earliest.

Need technical assistance?

Enter your email ID
Talk to experts

Don't see what you're looking for?

Visit our community

Post your questions in the forum.
Request additional resources

Send us your requirements.
Need implementation assistance?

Try onboarding