Daniel Berteaud

Mmm, in fact, it's the ldapwhoami command which fails. Looks like samba just does not support the extended operation used by ldapwhoami

Opened but #571 to track this, as it's not related to StartTLS

Indeed, logging password would be bad, so ldap2pg would have to handled this specially. In my case, having passwords in the ldap2pg.yml is not an issue as I generate it...

I could, but that wouldn't bring me a lot of advantage for my use case (as my ldap2pg.yml is templated and already able to fetch values directly from vault).

I have several layers of template engines in my setup ;-) I use [gomplate](https://docs.gomplate.ca/) as a preprocessor engine to render my Nomad job files. This is where I merge various...

I think something like this could work for me :-) While at it, could a similar "pre" hook be added to ? If the post ones could be used to...

> I have updates on the design. > > What about including post and pre in rules like this : > > ```yaml > rules: > - description: ... >...

Yes, I'm using a preprocessor. In the Nomad orchestrator, you can submit just the YAML template with placeholders to dynamically fetch secrets from Hashicorp vault when rendered (you just have...

Here it is [ldap2pg.log.txt](https://github.com/dalibo/ldap2pg/files/12700466/ldap2pg.log.txt)

Self ? I'm trying to GRANT privileges on the vaultwarden database (which has been created by the postgres user, and so is owned by postgres) to the vaultwarden role. Am...