• 2-factor authentication with OpenID
  • Send proper response code on failed login
  • LAM Pro:
    • OpenLDAP 2FA support for TOTP



  • Allow to store whole LAM configuration in MySQL database
  • Docker: new options for configuration location and LAM Pro license
  • Full PHP 8 compatibility
  • Replaced tree view and moved it to tools menu
  • Wildcards in edit screen support lower-case mode (e.g. "$_firstname")
  • Windows: more fields can be hidden
  • LAM Pro:
    • Export/Import of cron jobs
    • Mail server encryption type can be configured (TLS/SSL/none)
    • User self registration: support to define uid field to use constant or custom validation
    • Group of names user module: allow to sync memberships from other user
    • Custom fields:
      • Support password change dialog in user edit view
      • Added date and email validation for text fields
      • Support password reset page for password fields
      • New field types: LDAP date, LDAP date and time
    • Password self reset: fields on first page can be prefilled by URL parameter
  • Fixed bugs:
    • Truncated mail text field in "LAM Pro password mail settings" and 2FA base URLs
    • 389ds: support password change and force password in one save action



  • PHP 7.3 required
  • PHP 8.0 compatibility (except tree view)
  • Support copying LDAP entries from account list
  • Account/PDF profiles: management of global templates and logos
  • Group of names: allow filter by member/owner (#151)
  • General information: link to groups (#152)
  • LAM Pro:
    • Self registration: support binary attributes (e.g. for jpegPhoto)
    • Self registration: support custom mail attributes and mail from constant value (149)
    • Self registration: evaluate autorange at account creation (154)
    • MIT Kerberos: check Kerberos password policy on password change, better error handling
    • Self Service: new field to show user's quota values
    • Self Service: allow to create Unix home directory during registration
    • Custom type: allow for user/group/host to be able to reuse existing modules 


  • Argond2id support for password hashes (requires PHP 7.3) (#113)
  • 2-factor authentication:
    • Support for Okta
    • WebAuthn devices can be named in Self Service and WebAuthn tool
  • LAM Pro:
    • MIT Kerberos policies support
    • User self registration: added admin approval option and info mail for user after creation



  • PHP 7.4 compatibility
  • Configuration export and import
  • Server profiles support to specify a part of the DN to hide
  • Show password prompt when a user with expired password logs into LAM admin interface (requires PHP 7.2)
  • Better error messages on login when account is expired/deactivated/...
  • Personal/Windows: photo can be uploaded via webcam
  • Windows users: group display format can be configured (cn/dn)
  • Support PBKDF2-SHA512 password hashes
  • LAM Pro:
    • Windows: new cron job to send users a summary of their managed groups
  • Fixed bugs:
    • Unix groups: memberUid was not deleted correctly when forced sync with group of names is active



  • Unix: allow to create group with same name during user creation
  • LAM Pro:
    • EMail sending can be done via SMTP without local mail server
    • License expiration warning can be sent via email or disabled
  • Fixed bugs:
    • Captcha don't show anymore in Self Service login page (213)
    • Unix memberships cannot be changed. This issue can also affect other membership relations.


  • PHP 7 required
  • WebAuthn/FIDO2 support for 2-factor-authentication (requires PHP 7.2)
  • IMAP: changed library to support latest TLS versions
  • Personal: support display name (hidden by default in server profile)
  • Windows users: support allowed workstations, more profile options
  • LAM Pro:
    • PPolicy: support for password check module
    • Windows AD LDS support (users and groups)
    • User self registration: support Active Directory/Samba4


  • Lamdaemon can be configured with directory prefix for homedirs
  • Account list filters match on substrings instead of whole value
  • YubiKey: support to configure multiple verification servers
  • Deactivated non-maintained translations: Catalan, Czech, Hungarian, Polish and Turkish. Contact us if you would like to take over. Translators get LAM Pro for free (commercial use included).
  • Docker updates
  • Fixed bugs:
    • Missing CSS for Duo
    • Editing of DNs with comma on Windows (210)


  • Group account types can show member+owner count in list view
  • 2-factor authentication:
    • Duo support
    • user name attribute for privacyIDEA can be specified
  • LAM Pro:
    • New self service settings for login and main page footer
    • Custom fields: custom labels for LDAP search select list
  • Fixed bugs:
    • Configuration issue with Unix user/host module (206)



  • Parallel editing of multiple entries in different browser tabs supported
  • LAM supports the progressive web app standard which allows to install LAM as an icon on home screen
  • Windows: added home drive and force password change to profile editor
  • Unix: password management can be disabled in module settings
  • LAM Pro:
    • Bind DLZ: entry table can show record data (use special attribute "#records" in server profile)
  • Fixed bugs:
    • No drop-down filter box for account status (200)