LDAP Account Manager - Manual
Next
LDAP Account Manager - Manual
Overview
1. Big picture
Overview
Glossary
Architecture
2. Installation
New installation
Requirements
Prepackaged releases
Installing the tar.bz2
Docker
System configuration
Upgrading LAM or migrate from LAM to LAM Pro
Upgrade LAM
Version specific upgrade instructions
Uninstallation of LAM (Pro)
Migration to a new server
3. Configuration
General settings
Configuration Database
License (LAM Pro only)
Security settings
Password policy
Logging
Mail options (LAM Pro)
WebAuthn/FIDO2 devices
Change master password
Server profiles
Manage server profiles
Editing a server profile
Cron jobs (LAM Pro)
Typical scenarios
Self Service (LAM Pro)
Import and export configuration
4. Managing entries in your LDAP directory
Typical usage scenarios
Users
Personal
Unix
Group of names and group of members (LAM Pro)
Organizational roles (LAM Pro)
Shadow
NIS net groups
Password self reset (LAM Pro)
Hosts
Samba 3
Windows (Samba 4/Active Directory)
AD LDS (formerly ADAM) (LAM Pro)
Filesystem quota (lamdaemon)
Filesystem quota (LDAP)
Kolab
Asterisk
EDU person
PyKota
Password policy (LAM Pro)
Account locking for 389ds (LAM Pro)
FreeRadius
Heimdal Kerberos (LAM Pro)
MIT Kerberos (LAM Pro)
NIS mail aliases
Courier mail
Qmail (LAM Pro)
Mail routing
SSH keys
YubiKey
Authorized services
IMAP mailboxes
IP addresses (LAM Pro)
Account
OpenLDAP TOTP (LAM Pro)
Groups
Unix
Unix groups with rfc2307bis schema (LAM Pro)
Samba 3
Windows (Samba 4)
AD LDS (formerly ADAM) (LAM Pro)
Kolab
Mail routing
Quota
Dynamic lists (LAM Pro)
PyKota
Hosts
Account
Device (LAM Pro)
Samba 3
Windows (Samba 4)
IP addresses (LAM Pro)
MAC addresses
Puppet
NIS net groups
Samba 3 domains
Group of (unique) names and group of members (LAM Pro)
Organizational roles (LAM Pro)
Asterisk
Kopano (LAM Pro)
Users
Contacts
Groups
Address lists
Dynamic groups
Servers
Kolab shared folders
DHCP
Bind DLZ (LAM Pro)
Configuration
DNS entries
XFR entries
PowerDNS (LAM Pro)
Aliases (LAM Pro)
Mail aliases
NIS mail aliases
Courier mail aliases
NIS net groups
NIS objects (LAM Pro)
Automount objects (LAM Pro)
Oracle databases (LAM Pro)
Password policies (LAM Pro)
MIT Kerberos policies (LAM Pro)
PyKota printers
PyKota billing codes
Custom types (LAM Pro)
Custom fields (LAM Pro)
Custom scripts (LAM Pro)
Sudo roles (LAM Pro)
LDAP views based on nsview (LAM Pro)
Auto delete (LAM Pro)
General information
5. Tools
Profile editor
PDF editor
File upload
Multi edit
LDAP import/export
Import
Export
OU editor
Tree view
Schema browser
Server information
WebAuthn devices
Tests
Lamdaemon test
Schema test
6. Access levels and password reset page (LAM Pro)
Access levels
Password reset page
7. Self service (LAM Pro)
Preparations
OpenLDAP ACLs
Other LDAP servers
Creating a self service profile
Edit your new profile
General settings
Page layout
Module settings
Samba 3
Password self reset
User self registration
Custom fields
OpenLDAP TOTP
Adapt the self service to your corporate design
Custom header
CSS files
A. LDAP schema files
B. Security
LAM configuration passwords
Use of SSL
LDAP with SSL and TLS
Setup SSL certificates in LAM general settings
Setup SSL certificates on system level
Selinux
Chrooted servers
Protection of your LDAP password and directory contents
Apache configuration
Sensitive directories
Use LDAP HTTP authentication for LAM
Self Service behind proxy in DMZ (LAM Pro)
Nginx configuration
RPM based installations
DEB based installations
tar.bz2 based installations
WebAuthn/FIDO2
C. Typical OpenLDAP settings
D. Setup for home directory and quota management
Installation
LDAP Account Manager configuration
Setup sudo
Setup Perl
Set up SSH
Troubleshooting
E. Setup password self reset schema (LAM Pro)
New installation
Schema update
F. Adapt LAM to your corporate design
G. Clustering LAM
H. Troubleshooting
Reset configuration password
Functional issues
Performance issues
LDAP server
LAM web server