• Imagick PHP extension required
  • Passwords can be checked against external service (e.g. https://haveibeenpwned.com/API/v2#SearchingPwnedPasswordsByRange)
  • Personal/Windows: image cropping support
  • Better filtering of account lists
  • Unix: Unix and group of names memberships can be synced in group selection
  • IMAP: create mailbox via file upload
  • PHP 7.2 support
  • Support for "," in DN
  • LAM Pro:
    • Better support for 389ds password expiration
  • Fixed bugs:
    • Error on password reset page when custom fields is used (194)



  • Server profile: added option if referential integrity overlay is active to skip cleanup actions
  • Unix: several options are now specific to subaccount types (reconfiguration required!)
  • Fixed bugs:
    • Security fixes (XSS vulnerabilities CVE-2018-8763 and CSRF token in URL CVE-2018-8764)
    • Quota for Windows groups did not work
  • LAM Pro:
    • Support custom structural object classes with new custom type
    • Support dynamic lists
    • Self service login and password self reset can be secured with captcha


  • Fixed bugs:
    • Login page not working when no server profile exists (44)
    • LAM Pro: Password Self Reset has issues when both security question and confirmation mail are activated.
    • LAM main configuration: certificate buttons do not work


  • License changed from GPL v2 to GPL v3
  • PHP 5.6 and Internet Explorer 11 or later required
  • PDF export supports Chinese, Japan and Korean
  • Account status also shows expired accounts
  • Quota: support k/m/g/t/K/M/G/T to specify values in e.g. kB
  • LAM Pro:
    • Cron jobs include better logging and support dry-run


  • Automatically trim input fields to avoid trailing/leading spaces
  • LAM Pro:
    • Custom fields: support wildcards in text fields such as $firstname
    • Custom fields: specify minimum/maximum count for multi-value entries
    • Custom fields: new type for constant values
  • Fixed bugs:
    • Password modify page reports error on password change when posixAccount is present for users
    • Nginx configuration files did not include "fastcgi_param SCRIPT_FILENAME $request_filename;" (193)


  • Fixed bugs:
    • Configuration file fills up with empty values
    • Tool visibility settings


  • Support multiple configurations for same account type
  • PHP 7.1 compatibility
  • Courier users and mail aliases
  • Windows: Support unlocking of users with too many failed login attempts
  • Samba 3: added account expiration date to PDF fields
  • LAM Pro:
    • Custom fields: can be used for file upload
    • Custom fields: new selection list type that gets options from LDAP search
    • Kopano support


  • 2-factor authentication for admin login and self service with privacyIDEA
  • PDF files use DejaVu serif font for better readability and more supported characters (e.g. Cyrillic)
  • Updated Debian dependencies
  • Fixed bugs:
    • Comparison issue prevents saving of values (185)



  • New mechanism to replace wildcards in user edit screen. Personal/Unix support more wildcards like "$firstname".
  • Windows: added support for pager, otherPager, mobile, otherMobile, company and proxyAddresses (disabled by default in server profile)
  • Mail routing: enable for groups and allow to add/remove the extension
  • LAM Pro:
    • Password self reset: support for up to 3 security questions
    • 389ds: new wildcards for custom scripts: $INFO.389lockingStatusChange$ and $INFO.389deactivationStatusChange$
    • Custom scripts: custom button label supported for manual scripts



  • Windows: allow to show effective members of a group
  • Lamdaemon: support SSH key authentication
  • LAM Pro:
    • Group of names/members + roles: allow to show effective members of a group
    • Cron jobs:
      • Move or delete expired accounts (Shadow, Windows, qmail, FreeRadius)
      • 389ds: added job to notify before password expires
    • 389ds: manage password expiration time with module "Account locking"
  • Fixed bugs:
    • PHP 7 issues on edit page