Paris, July 7, 2026
Dalibo is pleased to announce the release of ldap2pg 6.6. This version brings GSSAPI/Kerberos authentication with the synchronization directory, support for PostgreSQL 19 beta, and a few bug fixes. Follow the installation documentation to install this new version.

Since 2017, ldap2pg has offered the best solution for automatically synchronizing roles and privileges for PostgreSQL.
Configure LDAP authentication in the pg_hba.conf file,
then use ldap2pg to create and configure roles from your corporate directory.
GSSAPI/Kerberos
ldap2pg now implements GSSAPI/Kerberos authentication for a secretless configuration when accessing the synchronization directory.
GSSAPI authentication is a new SASL mechanism available alongside DIGEST-MD5.
This mechanism is configured like ldaputils, with one subtle difference: GSSAPI encryption is automatically disabled if the connection is already encrypted with TLS.
Various Fixes
Some configuration and synchronization errors have been fixed. Loading legacy ldap2pg 5.9 configuration will now trigger errors to prevent inconsistent configurations. A deduplication bug caused missing roles to be created twice; this is now fixed. Version 6.6 therefore brings greater stability and reliability to administration.
Other Changes
As a sneak peek, ldap2pg 6.6 has been tested against PostgreSQL 19 beta without any issues. Finally, the Docker image is available again.
Find the English documentation, guides, and community support at these addresses:
- Changelog documentation
- Online documentation: http://ldap2pg.rtfd.io/en/latest/
- The project on GitHub: https://github.com/dalibo/ldap2pg
Étienne BERSAC and Pierre-Louis GONON develop ldap2pg, a Dalibo Labs project. For any technical questions, the team recommends using the ldap2pg page on GitHub.
- PostgreSQL (480) ,
- ldap (19) ,
- ldap2pg (21) ,
- security (5) ,
- release (99) ,
- Dalibo Labs (80) ,
- planetpgfr (53)