Securing database access - BlueCat Integrity - 26.1.0

Address Manager Administration Guide


In Address Manager v26.1.0, users can secure local database connections by defining authorized system accounts and enabling peer authentication.

Defining authorized system accounts

Before securing the database with peer authentication, you must add identity map entries to define which system accounts are authorized to access Address Manager's PostgreSQL database.
Note: The system accounts listed below must be mapped to ensure that Address Manager services are able to access the database. For Address Manager servers in replication, the database commands listed below are only available on the primary server. Commands issued on the primary server will automatically be propagated to secondary servers.
  1. Log in to the Address Manager Administration Console as the administrator. For more information on default login credentials for Address Manager, refer to BlueCat default login credentials (you must be authenticated to view this topic).
  2. Type configure database and press ENTER.
  3. Type add ident-map pg-postgres root postgres and press ENTER.
  4. Type add ident-map pg-postgres replication postgres and press ENTER.
  5. Type add ident-map pg-postgres jetty postgres and press ENTER.
  6. Type add ident-map pg-postgres bluecat postgres and press ENTER.
  7. Type save and press ENTER. The administration console saves your settings.
  8. Type exit and press ENTER to return to main session mode.

Enabling peer authentication for local connections

Once you have defined the system accounts that are authorized to access the Address Manager database, set the local authentication method to peer.

  1. Type configure database and press ENTER.
  2. Type set local-auth peer pg-postgres and press ENTER.
  3. Type save and press ENTER. The administration console saves your settings.
  4. Type exit and press ENTER to return to main session mode.
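
The following check is an added example, not part of the BlueCat documentation. It audits PostgreSQL authentication files for the state the two procedures above should produce: all four system accounts mapped to postgres under pg-postgres, and no local record left on trust, which accepts any local OS user as any database role. It assumes the console commands are written out as standard pg_ident.conf and pg_hba.conf records; the sample file contents are constructed.

```python
# Added example: audits PostgreSQL auth files for the settings this page configures.
# Assumption: the console commands render as standard pg_ident.conf / pg_hba.conf entries.
REQUIRED_ACCOUNTS = {"root", "replication", "jetty", "bluecat"}  # from the steps above
MAP_NAME, DB_ROLE = "pg-postgres", "postgres"


def _entries(text):
    """Yield whitespace-split fields of each non-comment, non-blank line."""
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if fields:
            yield fields


def audit(pg_hba, pg_ident):
    """Return a list of findings; an empty list means the files match the procedure."""
    findings = []
    mapped = {f[1] for f in _entries(pg_ident)
              if len(f) >= 3 and f[0] == MAP_NAME and f[2] == DB_ROLE}
    for account in sorted(REQUIRED_ACCOUNTS - mapped):
        findings.append(f"missing ident map: {MAP_NAME} {account} {DB_ROLE}")
    for f in _entries(pg_hba):
        if f[0] != "local" or len(f) < 4:
            continue  # only Unix-socket ("local") records are in scope here
        method, options = f[3], f[4:]
        if method == "trust":
            findings.append("local record still uses trust: " + " ".join(f))
        elif method == "peer" and f"map={MAP_NAME}" not in options:
            findings.append("peer record without map: " + " ".join(f))
    return findings


# Constructed sample files (not taken from an Address Manager server).
IDENT_OK = """# MAPNAME SYSTEM-USERNAME PG-USERNAME
pg-postgres root        postgres
pg-postgres replication postgres
pg-postgres jetty       postgres
pg-postgres bluecat     postgres
"""
HBA_PEER = "local all all peer map=pg-postgres\n"
HBA_TRUST = "local all all trust\n"

if __name__ == "__main__":
    for name, hba, ident in [("peer enabled", HBA_PEER, IDENT_OK),
                             ("default trust", HBA_TRUST, IDENT_OK),
                             ("jetty unmapped", HBA_PEER, IDENT_OK.replace("jetty", "other"))]:
        print(name, "->", audit(hba, ident) or "OK")
```

A missing map entry matters as much as a leftover trust record: with peer enabled, an unmapped service account can no longer connect as postgres.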

Disabling peer authentication

To disable peer authentication and return to default settings, set the local authentication method to trust.

  1. Type configure database and press ENTER.
  2. Type set local-auth trust and press ENTER.
  3. Type save and press ENTER. The administration console saves your settings.
  4. Type exit and press ENTER to return to main session mode.