Awesome Open Source
Awesome Open Source


| |CircleCI| |Codecov| |RTD| |PyPI| |Docker|

Swiss-army knife to synchronize Postgres roles and privileges from YAML or LDAP.

.. _documentation: .. _license: .. _contributors:


  • Creates, alters and drops PostgreSQL roles from LDAP queries.
  • Creates static roles from YAML to complete LDAP entries.
  • Manages role members (alias groups).
  • Grants or revokes privileges statically or from LDAP entries.
  • Dry run.
  • Logs LDAP queries as ldapsearch commands.
  • Logs every SQL query.
  • Reads settings from an expressive YAML config file.

Here is a sample configuration and execution:


$ cat ldap2pg.yml
- role:
    name: ldap_roles
    options: NOLOGIN
- ldap:
    base: ou=people,dc=ldap,dc=ldap2pg,dc=docker
    filter: "(objectClass=organizationalPerson)"
    name: '{cn}'
    options: LOGIN
    parent: ldap_roles
$ ldap2pg --real
Starting ldap2pg 5.3.
Using .../ldap2pg.yml.
Running in real mode.
Inspecting roles in Postgres cluster...
Querying LDAP ou=people,dc=ldap,dc=lda... (objectClass...
Create domitille.
Add missing ldap_roles members.
Delete spurious ldap_roles members.
Update options of albert.
Reassign oscar objects and purge ACL on postgres.
Reassign oscar objects and purge ACL on template1.
Drop oscar.
Synchronization complete.

See versionned ldap2pg.yml <>_ and documentation_ for further options.


Install it from PyPI tarball::

pip install ldap2pg psycopg2-binary

More details can be found in documentation_.

ldap2pg is licensed under PostgreSQL license_. ldap2pg is available with the help of wonderful people, jump to contributors_ list to see them.

ldap2pg is reported to work with OpenLDAP, FreeIPA, Oracle Internet Directory and Microsoft Active Directory.

.. _OpenLDAP: .. _FreeIPA:


If you need support and you didn't found it in documentation_, just drop a question in a GitHub issue <>! French accepted. Don't miss the cookbook <>. You're welcome!

.. |Codecov| image:: :target: :alt: Code coverage report

.. |CircleCI| image:: :target: :alt: Continuous Integration report

.. |Docker| image:: :target: :alt: Docker Image Available

.. |ldap2pg| image:: :target: :alt: ldap2pg: PostgreSQL role and privileges management

.. |PyPI| image:: :target: :alt: Version on PyPI

.. |RTD| image:: :target: :alt: Documentation

Get A Weekly Email With Trending Projects For These Topics
No Spam. Unsubscribe easily at any time.
python (53,699
postgresql (731
yaml (221
ldap (78
acl (77
roles (34