diff --git a/etc/genshi/postfix_ldap.txt b/etc/genshi/postfix_ldap.txt
index 0d97e56..5ac80d5 100644
--- a/etc/genshi/postfix_ldap.txt
+++ b/etc/genshi/postfix_ldap.txt
@@ -12,6 +12,7 @@
 {% end %}\
 
 {% include /var/lib/bcfg2/etc/genshi/ldap.txt %}\
+{% include /var/lib/bcfg2/etc/genshi/secrets.txt %}\
 
 # Connexion LDAP
 server_host = $ldap_host
@@ -19,7 +20,7 @@ search_base = ou=data,dc=crans,dc=org
 version = 3
 bind = yes
 bind_dn = cn=postfix,dc=crans,dc=org
-bind_pw = $ldap_password_readonly
+bind_pw = ${secrets.get("ldap_postfix")}
 
 # Requete faite a la base, %s est remplace
 # par l'alias recherche
diff --git a/etc/genshi/secrets.txt b/etc/genshi/secrets.txt
new file mode 100644
index 0000000..1335768
--- /dev/null
+++ b/etc/genshi/secrets.txt
@@ -0,0 +1,6 @@
+{# Recuperation des mots de passe #}
+{% python
+    import os
+    os.sys.append('/usr/script/gestion')
+    import secrets
+%}