Table of Contents
- Typical usage scenarios
- Users
- Personal
- Unix
- Group of names (LAM Pro)
- Shadow
- Password self reset (LAM Pro)
- Hosts
- Samba 3
- Windows (Samba 4)
- Filesystem quota (lamdaemon)
- Filesystem quota (LDAP)
- Kolab
- Asterisk
- EDU person
- Password policy (LAM Pro)
- FreeRadius
- Heimdal Kerberos (LAM Pro)
- MIT Kerberos (LAM Pro)
- Qmail (LAM Pro)
- Mail routing
- SSH keys
- Authorized services
- IMAP mailboxes
- Account
- Groups
- Hosts
- Samba 3 domains
- Group of (unique) names (LAM Pro)
- Asterisk
- Zarafa (LAM Pro)
- DHCP
- Aliases (LAM Pro)
- Mail aliases
- NIS net groups
- NIS objects (LAM Pro)
- Automount objects (LAM Pro)
- Password policies (LAM Pro)
- Custom fields (LAM Pro)
- Custom scripts (LAM Pro)
- Sudo roles (LAM Pro)
- General information
- Tree view (LDAP browser)
This chapter will give you instructions how to manage the different LDAP entries in your directory.
Please note that not all account types are manageable with the free LAM release. LAM Pro provides some more account types (e.g. group of names, aliases, ...) and modules (e.g. Zarafa, custom scripts, ...) to support additional LDAP object classes. All LAM Pro features are marked in this manual.
Basic page layout:
After the login LAM will present you its main page. It consists of a header part which is equal for all pages and the content area which covers most the of the page.
The header part includes the links to manage all account types (e.g. users and groups) and open the tree view (LDAP browser). There is also the logout link and a tools entry.
When you login the you will see an account listing in the content area.
Here you can create, delete and modify accounts. Use the action buttons at the left or double click on an entry to edit it.
The suffix selection box allows you to list only the accounts which are located in a subtree of your LDAP directory.
You can change the number of shown entries per page with "Change settings". Depending on the account type there may be additional settings. E.g. the user list can convert group numbers to group names.
When you select to edit an entry then LAM will show all its data on a tabbed view. There is one tab for each functional part of the account. You can set default values by loading an account profile.
Here is a list of typical usage scenarios and what account types and modules you need to configure.
Address book entries:
Account types:
Users (Personal)
Unix accounts:
Account types:
Users (Personal + Unix)
Groups (Unix (posixGroup))
Suse users may need to use Group (Group of names + Unix (rfc2307bisPosixGroup)) because of Suse's special LDAP schema.
Samba 3 accounts:
Account types:
Users (Personal + User + Samba 3)
Groups (Unix + Samba 3)
Hosts (Account + Unix + Samba 3)
Samba domains (Samba domain)
Samba 4:
Account types:
Users (Windows)
Groups (Windows)
Hosts (Windows)
Please note that must change the attributes that are shown in the account lists. Otherwise, the account tables will show empty lines. See the documentation for the Windows user/group/host modules.
For Samba 4 with Zarafa use the following modules:
Users (Windows + Zarafa (+ Zarafa contact))
Groups (Windows + Zarafa)
Hosts (Windows + Zarafa)
Zarafa dynamic groups (Zarafa dynamic group)
Zarafa address lists (Zarafa address list)
See also the Zarafa section for additional settings (e.g. using Zarafa AD schema).
Asterisk:
Account types:
Users (Personal + Asterisk)
Asterisk extensions (Asterisk extension)
Zarafa:
Account types:
Users (Personal + Unix + Zarafa (+ Zarafa contact))
Groups (Unix + Zarafa)
Zarafa dynamic groups (Zarafa dynamic group)
Zarafa address lists (Zarafa address list)
Hosts (Device + Zarafa + IP Address)