diff --git a/lam/docs/manual-sources/howto.xml b/lam/docs/manual-sources/howto.xml index 8badd36f..92b8e418 100644 --- a/lam/docs/manual-sources/howto.xml +++ b/lam/docs/manual-sources/howto.xml @@ -162,7 +162,7 @@ Have fun! supports encrypted connections with SSL and TLS. - + Installation
@@ -392,13 +392,14 @@ Have fun! - Follow the link "LAM configuration" from the start page. - (The default passwords to edit all options is "lam") + Follow the link "LAM configuration" from the start page to + configure LAM. Select "Edit general settings" to setup global settings - and to change the configuration master password. + and to change the master + configuration password (default is "lam"). @@ -627,15 +628,120 @@ Have fun!
- + Configuration - TODO + After you installed LAM you + can configure it to fit your needs. The complete configuration can be done + inside the application. There is no need to edit configuration + files. + + Please point you browser to the location where you installed LAM. + E.g. for Debian/RPM this is http://yourServer/lam. If you installed LAM + via the tar.gz then this may vary. You should see the following + page: + + + + + + + + + + If you see an error message then you might need to install an + additional PHP extension. Please follow the instructions and reload the + page afterwards. + + Now you are ready to configure LAM. Click on the "LAM configuration" + link to proceed. + + + + + + + + + + Here you can change LAM's general settings, setup server profiles + for your LDAP server(s) and configure the self service (LAM Pro only). You + should start with the general settings and then setup a server + profile.
General settings - TODO + After selecting "Edit general settings" you will need to enter the + master configuration password. + The default password for new installations is "lam". Now you can edit + the general settings. + +
+ Security settings + + Here you can set a time period after which inactive sessions are + automatically invalidated. The selected value represents minutes of + inactivity. + + You may also set a list of IP addresses which are allowed to + access LAM. The IPs can be specified as full IP (e.g. 123.123.123.123) + or with the "*" wildcard (e.g. 123.123.123.*). Users which try to + access LAM via an untrusted IP only get blank pages. + + + + + + + + +
+ +
+ Password policy + + This allows you to specify a central password policy for LAM. + The policy is valid for all password fields inside LAM admin + (excluding tree view) and LAM self service. Configuration passwords do + not need to follow this policy. + + + + + + + + + + You can set the minimum password length and also the complexity + of the passwords. +
+ +
+ Logging + + LAM can log events (e.g. user logins). You can use system + logging (syslog for Unix, event viewer for Windows) or log to a + separate file. Please note that LAM may log sensitive data (e.g. + passwords) at log level "Debug". Production system should be set to + "Warning" or "Error". + + + + + + + + +
+ +
+ Change master password + + If you would like to change the master configuration password + then enter a new password here. +
@@ -1220,7 +1326,7 @@ Have fun! - Specify a name for the new profile and enter you master + Specify a name for the new profile and enter your master configuration password (default is "lam") to save the profile. @@ -1709,6 +1815,35 @@ Have fun! Security +
+ LAM configuration passwords + + LAM supports a two level authorization system for its + configuration. Therefore, there are two types of configuration + passwords: + + + + master configuration + password: needed to change general settings, + create/delete server profiles and self service profiles + + + + server profile password: used + to change the settings of a server profile (e.g. LDAP server and + account types to manage) + + + + The master configuration password can be used to reset a server + profile password. Each server profile has its own profile + password. + + Both password types are stored as hash values in the configuration + files for enhanced security. +
+
Use of SSL diff --git a/lam/docs/manual-sources/images/configGeneral1.png b/lam/docs/manual-sources/images/configGeneral1.png new file mode 100644 index 00000000..bdba0f3c Binary files /dev/null and b/lam/docs/manual-sources/images/configGeneral1.png differ diff --git a/lam/docs/manual-sources/images/configGeneral2.png b/lam/docs/manual-sources/images/configGeneral2.png new file mode 100644 index 00000000..5812dff7 Binary files /dev/null and b/lam/docs/manual-sources/images/configGeneral2.png differ diff --git a/lam/docs/manual-sources/images/configGeneral3.png b/lam/docs/manual-sources/images/configGeneral3.png new file mode 100644 index 00000000..4441b817 Binary files /dev/null and b/lam/docs/manual-sources/images/configGeneral3.png differ diff --git a/lam/docs/manual-sources/images/configOverview.png b/lam/docs/manual-sources/images/configOverview.png new file mode 100644 index 00000000..52c9b419 Binary files /dev/null and b/lam/docs/manual-sources/images/configOverview.png differ diff --git a/lam/docs/manual-sources/images/login.png b/lam/docs/manual-sources/images/login.png new file mode 100644 index 00000000..196683bb Binary files /dev/null and b/lam/docs/manual-sources/images/login.png differ