Étienne BERSAC
Étienne BERSAC
@guruguruguru I guess that these roles should inherit from `ldap_roles` too. ``` yaml - roles: - name: ldap_roles - names: - ampua_test_app - ampua_test_read parent: ldap_roles - name: ampua_test_owner options:...
Ok, I need to update cookbook. Please keep this issue opened. Do you think #315 is ok ?
Fun. It looks like an int password in yaml breaks ldap2pg. The workaround is to quote the password. Can you confirm this ?
Thanks for the feedback. I'm reopening to provide a better error in such case.
Hi @joshlk actually, you can already do this by hacking the ACL mechanism :-) Just think `grant` as `create` and `revoke` as `drop`. This should look like: ``` yml acls:...
I'm thinking of extending ldap2pg to help managing this case. Here is an idea: ``` yaml - role: name: '{cn}' on_create: | CREATE SCHEMA {role}; on_alter: | ALTER SCHEMA {old}...
Another solution would be the allows override of queries : ``` yaml postgres: queries: role_create: | CREATE ROLE "{role}" WITH {options}; COMMENT ON ROLE "{role}" IS '{comment}'; CREATE SCHEMA "{role}";...
Hi @love2freefly , Can you use environment variables ? Note that ldap2pg refuses to read passwords from a world readable file.
Hi @schmandr , thanks for this excellent feedback ! I'll take a look at this.
Hi @arjan-saly-tfs . Interesting situation. I think that forest are more common than one may think because of enterprises bought by another. Does some users have some accounts in the...