Thanks Chris! Since PostgreSQL still have to have those accounts even if we authenticate it externally we have to get at least the user creation date from the instance as that information might be different in instance vs external utility. Is there a possibility we can get it.
Most of our accounts are AD authenticated however we have some like (postgres – superuser!) which is local or peer authenticated we want to control that as well and hence the requirement. Regards, Virendra From: Christopher Browne [mailto:cbbro...@gmail.com] Sent: Thursday, May 09, 2019 5:04 PM To: Kumar, Virendra Cc: pgsql-general@lists.postgresql.org Subject: Re: User Details for PostgreSQL On Thu, 9 May 2019 at 16:43, Kumar, Virendra <virendra.ku...@guycarp.com<mailto:virendra.ku...@guycarp.com>> wrote: Hello Team, We are looking for some audit information about user creation. We need a few audit fields which we did not find in PostgreSQL. I would be happy if someone help us in finding these details. Besically we need information about: 1. User creation date 2. Last Password change date Do we have a way to get these values or can somebody guide us how we can store and get these values while creating user. Regards, Virendra Since there is a diversity of ways of managing this information, including outside the database, there is no way to assert a true-in-general mechanism for this. Indeed, if you are interested in managing such information particularly carefully, you may wish to use mechanisms such as PAM, Kerberos, LDAP, GSSAPI for this, in which case PostgreSQL may have no responsibility in the matter of managing passwords. It is quite likely a good idea to use something like Kerberos if you have the concerns that you describe, and if so, the audit information you want would be collected from Kerberos, not PostgreSQL -- When confronted by a difficult problem, solve it by reducing it to the question, "How would the Lone Ranger handle this?" ________________________________ This message is intended only for the use of the addressee and may contain information that is PRIVILEGED AND CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, please erase all copies of the message and its attachments and notify the sender immediately. Thank you.
