LDAP Account Manager
|This article does not cite any references or sources. (July 2013)|
|Stable release||4.2 / June 4, 2013|
|Development status||Active, Stable|
|Operating system||OS Independent|
|License||GPL with proprietary extension|
LDAP Account Manager is a web application for managing various account types in an LDAP directory. It is written in PHP. In contrast to tools like PhpLDAPadmin the focus is account based and to give the user a more abstract view of a directory. This aims to allow people with little technical background to manage LDAP data. The base application is licensed under the GNU General Public License, and there is an extended version available under a commercial license.
The LDAP Account Manager (LAM) project was founded in February 2003. The first developers were Michael Dürgner, Roland Gruber, Tilo Lutz and Leonhard Walchshäusl. The goal was to create an application to manage Samba software accounts. At this time Samba supported LDAP in its 2.x releases and version 3 was at alpha stage. But there was no GUI to manage them. Until LAM version 0.4.10 only Samba accounts could be managed. In the year 2004 the project started to develop a plugin architecture to support more account types. The first stable release with the new code was LAM 0.5.0 in September 2005. There is a commercial variant (LAM Pro) since 1.0.4 that supports a user self-service (e.g. to change own password, telephone number, ...). It also supports additional LDAP objects (e.g. Zarafa, Kerberos, PPolicy, ...).
The most important account types which are supported by LAM are Samba, Unix, Zarafa and PPolicy. The user can define profiles for all account types to set default values. Account information can be exported as PDF files. There is also the possibility to create users via file upload. It also includes the tree view of PhpLDAPadmin to access the raw LDAP attributes. LAM is translated to 16 languages.
Supported account types:
- Samba 3,4
- Address book entries
- Asterisk (incl. voicemail and Asterisk extensions)
- Mail routing
- IMAP mailboxes (non-LDAP, via IMAP protocol)
- Heimdal Kerberos
- Authorized services
- Mail aliases
- Group of (unique) names
- IP and MAC addresses
- SSH keys
- File system quota (in LDAP (systemQuotas) and via external script)
- DHCP entries
- NIS objects/netgroups
- Automount entries
- Password policies (PPolicy)
- Sudo roles
The commercial version also includes a user self-service. This allows users to edit their own data, register accounts or reset passwords themselves.