diff --git a/run_flaschengeist b/run_flaschengeist
index 55fabad..03d3222 100644
--- a/run_flaschengeist
+++ b/run_flaschengeist
@@ -5,7 +5,9 @@ import argparse
 import sys
 
 import pkg_resources
+from sqlalchemy import exc
 
+from flaschengeist.app import create_app, install_all
 from flaschengeist.config import config
 
 
@@ -130,16 +132,12 @@ class InterfaceGenerator:
 
 
 def install(arguments):
-    from flaschengeist.app import create_app, install_all
-
     app = create_app()
     with app.app_context():
         install_all()
 
 
 def run(arguments):
-    from flaschengeist.app import create_app
-
     app = create_app()
     with app.app_context():
         app.wsgi_app = PrefixMiddleware(app.wsgi_app, prefix=config["FLASCHENGEIST"].get("root", ""))
@@ -151,7 +149,6 @@ def run(arguments):
 
 def export(arguments):
     import flaschengeist.models as models
-    from flaschengeist.app import create_app
 
     app = create_app()
     with app.app_context():
@@ -167,16 +164,23 @@ def export(arguments):
         gen.write()
 
 
-def ldap_sync(arguments):
-    from flaschengeist.app import create_app
-    from flaschengeist.controller import userController
-    from flaschengeist.plugins.auth_ldap import AuthLDAP
-    from ldap3 import SUBTREE
-
+def ldap(arguments):
     app = create_app()
     with app.app_context():
-        auth_ldap: AuthLDAP = app.config.get("FG_PLUGINS").get("auth_ldap")
-        if auth_ldap:
+        if arguments.set_admin:
+            from flaschengeist.controller import roleController
+            from flaschengeist.database import db
+            role = roleController.get(arguments.set_admin)
+            role.permissions = roleController.get_permissions()
+            db.session.commit()
+        if arguments.sync:
+            from flaschengeist.controller import userController
+            from flaschengeist.plugins.auth_ldap import AuthLDAP
+            from ldap3 import SUBTREE
+
+            auth_ldap: AuthLDAP = app.config.get("FG_PLUGINS").get("auth_ldap")
+            if auth_ldap is None:
+                raise Exception("Plugin >auth_ldap< not found")
             conn = auth_ldap.ldap.connection
             if not conn:
                 conn = auth_ldap.ldap.connect(auth_ldap.root_dn, auth_ldap.root_secret)
@@ -185,8 +189,6 @@ def ldap_sync(arguments):
             for ldap_user in ldap_users_response:
                 uid = ldap_user["attributes"]["uid"][0]
                 userController.find_user(uid)
-            exit()
-        raise Exception("auth_ldap not found")
 
 
 if __name__ == "__main__":
@@ -214,8 +216,10 @@ if __name__ == "__main__":
     )
     parser_export.add_argument("--plugins", help="Also export plugins (none means all)", nargs="*")
 
-    parser_ldap_sync = subparsers.add_parser("ldap_sync", help="synch ldap-users with database")
-    parser_ldap_sync.set_defaults(func=ldap_sync)
+    parser_ldap = subparsers.add_parser("ldap", help="LDAP helper utils")
+    parser_ldap.set_defaults(func=ldap)
+    parser_ldap.add_argument('--sync', action="store_true", help="Sync ldap-users with database")
+    parser_ldap.add_argument('--set-admin', type=str, help="Assign all permissions this to group")
 
     args = parser.parse_args()
     args.func(args)