Hello,
I am new to ldap2pg. I am trying to map an existing group in LDAP and add its existing members to a local database group using ldap2pg.yml. I am able to successfully map/sync users individually and/or an empty local group, but cannot seem to figure out how to add the LDAP users to the local database group so that, instead of granting privileges at the user level, I can do it at the local group/role level.
```yaml
version: 6
# LDAP connection configuration
ldap:
  ldapscheme: ldaps
  uri: ldaps://xxxxx.xxx.xxxxx.net:636
  binddn: cn=pd_user-bnd,ou=div-110,ou=bnd,ou=nonhuman,ou=identities,ou=ad,dc=xxxx,dc=xxxx,dc=net
postgres:
  roles_blacklist_query: [postgres, pg_*, aq_*, capture_*]
  #dsn: host=localhost user=enterprisedb dbname=postgres
  #databases_query: "SELECT datname FROM pg_catalog.pg_database;"
sync_map:
- description: "Query LDAP for an specific group and create local database role ."
  ldapsearch:
    base: dc=fcpd,dc=fcbint,dc=net
    filter: "(&(objectClass=group)(cn=pd_my_AD_group))" # Search for the specific AD group
  role:
    name: "{cn}"
    options: NOLOGIN
- description: "Sync LDAP group to local database group and add members"
  # Map LDAP members to PostgreSQL roles
  role:
    name: "{cn.member}"
    options: LOGIN
    parent: "{cn}" # Add these roles as members of your_local_db_group
```
I am getting the below error:
```
17:10:20 INFO Starting ldap2pg version=6.4.2 commit=07ed9548 runtime=go1.24.2 pid=2677224
17:10:20 INFO Using YAML configuration file. path=/etc/ldap2pg.yml
17:10:20 WARN Dry run. Postgres instance will be untouched.
17:10:20 INFO Running as superuser. user=enterprisedb super=true server="PostgreSQL 16.9" cluster="" database=postgres
17:10:20 INFO Connected to LDAP directory. uri=ldaps://xxx.xxxx.xxx.net:636
17:10:20 INFO Query LDAP AD group and create local role corresponding to that LDAP AD group .
17:10:20 INFO Sync LDAP group to local database group and add members
17:10:20 ERROR Search error. Keep going. err="LDAP Result Code 32 \"No Such Object\": 0000208D: NameErr: DSID-0310021F, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\x00"
17:10:20 ERROR Fatal error. err="LDAP Result Code 32 \"No Such Object\": 0000208D: NameErr: DSID-0310021F, problem 2001 (NO_OBJECT), data 0, best match of:\n\t''\n\x00"
```
Regards
Franco
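Added example (not part of the post above, and not a configuration shipped by the ldap2pg project): one way to express "a NOLOGIN group role plus a LOGIN role per AD group member" as a single ldap2pg v6 rule, so that the member template and the parent template are filled from the same LDAP search result. It assumes the v6 `rules:` key (the v6 name for `sync_map`), the `roles:` list form, and `{member.cn}` extracting the `cn` RDN from each DN in the group's `member` attribute, as described in the ldap2pg 6 documentation; the `joins:` sub-search for `sAMAccountName` is also an assumption about the v6 syntax. All DNs and hostnames are placeholders.

```yaml
version: 6

ldap:
  # Placeholder directory; bind credentials come from the environment or ldaprc as usual.
  uri: ldaps://ldap.example.net:636
  binddn: cn=svc-ldap2pg,ou=service,dc=example,dc=net

postgres:
  # Never manage built-in or application-owned roles (same idea as the blacklist in the post).
  roles_blacklist_query: [postgres, pg_*]

rules:
# A rule with no ldapsearch is static: templates such as {cn} have nothing to expand.
# Keeping the group role and its members in ONE rule means both templates read
# from the same search entry, and the member roles are attached to the group role.
- description: "Create the AD group as a NOLOGIN role and its members as LOGIN roles"
  ldapsearch:
    base: ou=groups,dc=example,dc=net          # placeholder search base
    scope: sub
    filter: "(&(objectClass=group)(cn=pd_my_AD_group))"
    # Assumed v6 sub-search: resolve each member DN to fetch its login name.
    joins:
      member:
        filter: "(objectClass=user)"
        attributes: [sAMAccountName]
  roles:
  - name: "{cn}"                 # the group role, e.g. pd_my_AD_group
    options: NOLOGIN
  - name: "{member.sAMAccountName}"   # one LOGIN role per member, named by AD login
    options: LOGIN
    parent: "{cn}"               # GRANT "pd_my_AD_group" TO each member role
```

If the directory does not allow resolving member entries, dropping the `joins:` block and using `name: "{member.cn}"` instead names each role after the CN part of the member DN without a second search. Running with `--dry` first, as the post's log already does, shows the planned CREATE ROLE and GRANT statements before anything is changed, and privileges can then be granted once to the group role rather than to each login role.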