Paris, July 7, 2026

Dalibo is pleased to announce the release of ldap2pg 6.6. This version brings GSSAPI/Kerberos authentication with the synchronization directory, support for PostgreSQL 19 beta, and a few bug fixes. Follow the installation documentation to install this new version.

ldap2pg

Since 2017, ldap2pg has offered the best solution for automatically synchronizing roles and privileges for PostgreSQL. Configure LDAP authentication in the pg_hba.conf file, then use ldap2pg to create and configure roles from your corporate directory.

GSSAPI/Kerberos

ldap2pg now implements GSSAPI/Kerberos authentication for a secretless configuration when accessing the synchronization directory. GSSAPI authentication is a new SASL mechanism available alongside DIGEST-MD5. This mechanism is configured like ldaputils, with one subtle difference: GSSAPI encryption is automatically disabled if the connection is already encrypted with TLS.

Various Fixes

Some configuration and synchronization errors have been fixed. Loading legacy ldap2pg 5.9 configuration will now trigger errors to prevent inconsistent configurations. A deduplication bug caused missing roles to be created twice; this is now fixed. Version 6.6 therefore brings greater stability and reliability to administration.

Other Changes

As a sneak peek, ldap2pg 6.6 has been tested against PostgreSQL 19 beta without any issues. Finally, the Docker image is available again.

Find the English documentation, guides, and community support at these addresses:


Étienne BERSAC and Pierre-Louis GONON develop ldap2pg, a Dalibo Labs project. For any technical questions, the team recommends using the ldap2pg page on GitHub.


DALIBO

DALIBO est le spécialiste français de PostgreSQL®. Nous proposons du support, de la formation et du conseil depuis 2005.