Windows Trusted User Authentication for a Linux hosted Firebird Server

[Dalton Calford]

Hi all,

I am wondering if it is possible to use trusted authentication from a windows client to a linux hosted firebird database and if so, what are the steps needed to set this up?

This is for a new project/installation so I will be using whatever version is best for this support (I am assuming version 5)

best regards

Dalton

[Mark Rotteveel]

As far as I know, this is not possible. It uses a Windows API
client-side *and* (AFAIK) server-side to perform the authentication, so
it only works between Windows clients and Windows servers.

Mark
--
Mark Rotteveel

[Dimitry Sibiryakov]

'Mark Rotteveel' via firebird-support wrote 02.06.2024 11:16:
> As far as I know, this is not possible. It uses a Windows API client-side *and*
> (AFAIK) server-side to perform the authentication, so it only works between
> Windows clients and Windows servers.

Linux PAM modules for Windows authentication exist so in theory it is
possible to create such auth plugin for Firebird too. Just there was nobody who
could do it.

--
WBR, SD.

[Dalton Calford]

I can and have setup Linux boxes on a Windows domain for Linux user authentication from the domain.
Is there documentation in regards to the modules used so that I can review them and see if I can get it coded?

--
You received this message because you are subscribed to the Google Groups "firebird-support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebird-suppo...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/firebird-support/f2956503-5169-42d2-a617-96b9ad8e14a6%40ibphoenix.com.

[Dimitry Sibiryakov]

Dalton Calford wrote 02.06.2024 15:49:
> I can and have setup Linux boxes on a Windows domain for Linux user
> authentication from the domain.
> Is there documentation in regards to the modules used so that I can review them
> and see if I can get it coded?

If you mean PAM then this is what you set up on Linux to get Windows auth
working.
If you mean Firebird auth plugin then there is nothing but sources and an
example.

--
WBR, SD.

[Dalton Calford]

Can you point out in the firebird code, the sources and example?

I have not looked at the code for years and it would be helpful to know the sections to begin with.

Pam is well documented and I have the MySQL code that does the same task.

Also, what is the username size limit in firebird?

For example, a username with domain name, could get quite long.

Ie 

MYWINDOWSDOMAINNAME/MYUSERNAME 

(never before realized my android keyboard doesn't have the backslash)

--
You received this message because you are subscribed to the Google Groups "firebird-support" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebird-suppo...@googlegroups.com.

To view this discussion on the web, visit https://groups.google.com/d/msgid/firebird-support/27b3df54-230e-4e59-88da-bdd2104cd117%40ibphoenix.com.

[Dimitry Sibiryakov]

Dalton Calford wrote 03.06.2024 13:10:
> Can you point out in the firebird code, the sources and example?

Example of auth plugin:
https://github.com/FirebirdSQL/firebird/tree/master/examples/extauth
Win_Sspi plugin:
https://github.com/FirebirdSQL/firebird/tree/master/src/auth/trusted

--
WBR, SD.