ldap2pg is a simple yet powerful tool to synchronize Postgres roles and ACLs
from LDAP directories, including OpenLDAP and Active Directory.
Project goals include stability, portability, high configurability, state of the art code quality and nice user experience.
- Configure multiple LDAP queries.
- Customize Postgres role options (
- Create, alter and drop roles.
- Manage role members.
- Grant or revoke ACLs per database and/or per schema.
- Dry run to audit a cluster.
Just use PyPI as any regular Python project:
# apt install -y libldap2-dev libsasl2-dev # pip3 install ldap2pg # ldap2pg --help
Now you must configure Postgres and LDAP connections as well as the
dumb but tested
a good way to start.
# curl -LO https://github.com/dalibo/ldap2pg/raw/master/ldap2pg.yml # editor ldap2pg.yml
Finally, it’s up to you to use
ldap2pg in a crontab or a playbook. Have fun!