User login

Home

LAM Pro features

User self service

 

This special feature allows your users to change certain LDAP data (e.g. telephone number or password) themselves.

 

It will make your life easier and allow you to focus on more important tasks.

Features:

  • Samba password synchronisation
  • multiple login methods (e.g. uid and email)
  • support for multiple self service profiles
  • highly configurable
  • allows to integrate external CSS files to match your corporate design


Screenshots:

user page configuration configuration
User page Basic configuration settings Manage input fields

 

Additional account modules

LAM Pro provides some more account modules to support additional LDAP object classes.

 Currently these are:

  • group of (unique) names: These modules can be used to represent group relations. Since they allow DNs as members you can also use them to represent nested groups.
  • alias: Can be used to define aliases for user accounts.
  • nisObject: Used to define network mounts.
  • rfc2307bis schema: Some distributions (e.g. Suse) use this schema for group accounts.
  • ipHost: IP addresses for host accounts
  • ppolicy: Password policy overlay for OpenLDAP
  • sudoRole: Sudo role management that replaces /etc/sudoers

 

Screenshots:

Group of names mainpage Edit members Add nested groups

 

Run custom scripts

LAM Pro allows you to run any script on your server when an account is created/modified/deleted. You can specify if a script should be run before or after the LDAP modification. You can also specify LDAP attributes as parameters for the script calls. This allows you to further automate your management processes.

The LAM Pro self service also supports custom scripts.

 

Access levels

You can define if LAM should allow write access, password changes or only read access.

Screenshots of read-only mode:

No controls to add/remove accounts No save button on account pages Limited tools available

 

Password reset page

This special page allows your deskside support staff to reset the Unix and Samba passwords of your users. LAM can generate random passwords and you can send the passwords directly by mail.

If you set the access level of your server profile to "Change passwords" then LAM will not allow any changes to the LDAP database except password changes via this page. The account pages will be still available in read-only mode.

Screenshots:

Access from account list Password reset page