LAM has the following requirements to run:
Apache/Nginx webserver (SSL recommended) with PHP module (PHP (>= 7.2.0) with ldap, gettext, xml, openssl and optional OpenSSL)
Some LAM plugins may require additional PHP extensions (you will get a note on the login page if something is missing)
Perl (optional, needed only for lamdaemon)
Any standard LDAP server (e.g. OpenLDAP, Active Directory, Samba 4, OpenDJ, 389 Directory Server, Apache DS, ...)
A recent web browser that supports CSS2 and JavaScript, at minimum:
Firefox (max. 2 years old)
Edge (max. 2 years old)
Opera (max. 2 years old)
Chrome (max. 2 years old)
OpenSSL will be used to store your LDAP password encrypted in the session file.
Please note that LAM does not ship with a selinux policy. Please disable selinux or create your own policy.
See LDAP schema fles for information about used LDAP schema files.
LAM is available as prepackaged version for various platforms.
LAM is part of the official Debian repository. New
releases are uploaded to unstable and will be available
automatically in testing and the stable releases. You can
run apt-get install ldap-account-manager to install LAM on your server. Additionally, you may download the latest LAM Debian packages from the LAM homepage or the Debian package homepage.Installation of the latest packages on Debian
|
There are RPM packages available on the LAM
homepage. The packages can be installed with these
commands: rpm -e ldap-account-manager ldap-account-manager-lamdaemon (if an older version is installed) rpm -i <path to LAM package>
Note: The RPM packages do not contain a dependency to PHP due to the various package names for it. Please make sure that you install Apache/Nginx with PHP. |
The RPM packages for Suse/Fedora are very generic and should be installable on other RPM-based distributions, too. The Fedora packages use apache:apache as file owner and the Suse ones use wwwrun:www.
LAM is part of the official FreeBSD ports tree. For
more details see these pages: FreeBSD-SVN: http://svnweb.freebsd.org/ports/head/sysutils/ldap-account-manager/ FreshPorts: http://www.freshports.org/sysutils/ldap-account-manager |
Please extract the archive with the following command:
tar xjf ldap-account-manager-<version>.tar.bz2
Copy the files into the html-file scope of the web server. For example /apache/htdocs or /var/www/html.
Then set the appropriate file permissions inside the LAM directory:
sess: write permission for apache/nginx user
tmp: write permission for apache/nginx user
tmp/internal: write permission for apache/nginx user
config (with subdirectories): write permission for apache/nginx user
lib/lamdaemon.pl: set executable
Instead of manually copying files you can also use the included configure script to install LAM. Just run these commands in the extracted directory:
./configure
make install
Options for "./configure":
--with-httpd-user=USER USER is the name of your Apache/Nginx user account (default httpd)
--with-httpd-group=GROUP GROUP is the name of your Apache/Nginx group (default httpd)
--with-web-root=DIRECTORY DIRECTORY is the name where LAM should be installed (default /usr/local/lam)
Copy config/config.cfg.sample to config/config.cfg. Open the index.html in your web browser:
Follow the link "LAM configuration" from the start page to configure LAM.
Select "Edit general settings" to setup global settings and to change the master configuration password (default is "lam").
Select "Edit server profiles" to setup a server profile.
You can run LAM inside Docker.
Possible environment variables are documented in the sample .env file.
LAM repository:
https://hub.docker.com/r/ldapaccountmanager/lam
LAM Pro repository:
See LAM repository for usage examples.
Please request access at support providing your Gitlab (https://gitlab.com) user ID.
docker login registry.gitlab.com
docker pull registry.gitlab.com/ldapaccountmanager/lampro
docker run -p 8080:80 -it -d registry.gitlab.com/ldapaccountmanager/lampro:stable
Configuration files
All configuration files are stored in:
/etc/ldap-account-manager
/var/lib/ldap-account-manager
LAM runs with PHP 7 (>= 7.2.0). Needed changes in your php.ini:
memory_limit = 64M
For large installations (>10000 LDAP entries) you may need to increase the memory limit to 256M.
If you run PHP with activated Suhosin extension please check your logs for alerts. E.g. LAM requires that "suhosin.post.max_name_length" and "suhosin.request.max_varname_length" are increased (e.g. to 256).
If you want to use a translated version of LAM be sure to install the needed locales. The following table shows the needed locales for the different languages.
Table 2.1. Locales
Language | Locale |
Catalan | ca_ES.utf8 |
Chinese (Simplified) | zh_CN.utf8 |
Chinese (Traditional) | zh_TW.utf8 |
Czech | cs_CZ.utf8 |
Dutch | nl_NL.utf8 |
English - Great Britain | no extra locale needed |
English - USA | en_US.utf8 |
French | fr_FR.utf8 |
German | de_DE.utf8 |
Hungarian | hu_HU.utf8 |
Italian | it_IT.utf8 |
Japanese | ja_JP.utf8 |
Polish | pl_PL.utf8 |
Portuguese | pt_BR.utf8 |
Russian | ru_RU.utf8 |
Slovak | sk_SK.utf8 |
Spanish | es_ES.utf8 |
Turkish | tr_TR.utf8 |
Ukrainian | uk_UA.utf8 |
You can get a list of all installed locales on your system by executing:
locale -a
Debian users can add locales with "dpkg-reconfigure locales".