Question 1

How to configure ldap2pg with Active Directory?

Accepted Answer

Define the LDAP search base and filter in the YAML file to match your AD structure, using attributes like cn or sAMAccountName. Test with dry run mode first, and refer to the sample config for guidance on role mapping.

Question 2

Does ldap2pg delete roles when employees leave?

Accepted Answer

Yes, if configured correctly: ldap2pg drops roles based on LDAP searches, but you must set up rules to map missing LDAP entries to role removal. Always use check mode to audit before applying changes.

Question 3

ldap2pg vs manual PostgreSQL role management?

Accepted Answer

ldap2pg automates sync from LDAP or YAML, reducing manual errors and saving time in enterprise settings. Manual management is better for small, static databases where automation overhead isn't justified.

Question 4

Can ldap2pg sync database privileges too?

Accepted Answer

Yes, it grants and revokes privileges statically from YAML or dynamically from LDAP entries, managing both roles and their permissions. Use the --skip-privileges flag to disable this if needed.

Question 5

How to run ldap2pg in a Docker container?

Accepted Answer

Use the official Docker image from Docker Hub, mount your YAML config and environment variables for LDAP/Postgres credentials. The tool logs output, so ensure volumes are set for persistence in production.

Question 6

What if ldap2pg makes a mistake and drops a critical role?

Accepted Answer

Always use dry run mode to preview SQL changes first. The comprehensive logging allows rollback by replaying SQL, but backup roles regularly and implement staging environment tests to minimize risks.

ldap2pg

What is ldap2pg?

Overview

Use Cases

Best For

Related Projects

Found a gem we're missing?

Not Ideal For

Pros & Cons

Pros

Cons

Frequently Asked Questions