All we need is an easy explanation of the problem, so here it is.
Is it possible to grant an AD group in PG 13 without sorting to creating the group in the database?
Similar to how AD groups can be granted directly in SQL Server.
The PG server is on a Windows server that is already joined to the AD domain.
Note: I asking about authorization and not authentication against AD.
How to solve :
I know you bored from this bug, So we are here to help you! Take a deep breath and look at the explanation of your problem. We have many solutions to this problem, But we recommend you to use the first method because it is tested & true method that will 100% work for you.
No. All roles have to be created with
CREATE ROLE in the database.
The existence of the role in the database is necessary, because it is associated with permissions in the database (authorization). Authorization is not managed through an external authority. What is managed externally is authentication.
You could write or find some software that synchronizes PostgreSQL roles with what is in your Active Directory.
Note: Use and implement method 1 because this method fully tested our system.
Thank you 🙂