Re: rolcanlogin vs. the flat password file
Dave Page <dpage@postgresql.org>
From: Dave Page <dpage@postgresql.org>
To: Magnus Hagander <magnus@hagander.net>
Cc: Tom Lane <tgl@sss.pgh.pa.us>,
Heikki Linnakangas <heikki@enterprisedb.com>, pgsql-hackers@postgresql.org
Date: 2007-10-17T16:47:26Z
Lists: pgsql-hackers
Magnus Hagander wrote: > On Wed, Oct 17, 2007 at 05:09:25PM +0100, Dave Page wrote: >> Stephen Frost wrote: >>> * Tom Lane (tgl@sss.pgh.pa.us) wrote: >>>> Heikki Linnakangas <heikki@enterprisedb.com> writes: >>>>> There's legitimate use for creating a role with NOLOGIN and a password. >>>> If we think that, then we shouldn't have a message at all. >>> I'm not sure I agree with that. I don't agree that there's really a >>> legitimate use for creating a role w/ NOLOGIN and a password either, for >>> that matter. >> Preparing a new user account prior to an employee starting? In my last >> post we would do that regularly - setup all the accounts etc for the new >> user, but disable them all until the start date. > > Yeah, but did you actually set a password for them? Yeah, then have them change them all during day 1 IT induction training. We had a much smaller team that I know you do, and the staff that would do the account setup would often be busy first thing on Monday morning when new starters might often arrive - so we would just 'flip the switch' on the pre-configured accounts. /D