WMDE
/
LDAPAccountManager
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

moved docs to new manual

This commit is contained in:
Roland Gruber 2009-11-07 18:20:39 +00:00
parent b0615dc857
commit 74aa6b084d
3 changed files with 78 additions and 124 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
lam/INSTALL
View File

@ -1,64 +0,0 @@
Installation Instructions for LAM
---------------------------------
1. Requirements
- Apache webserver (SSL optional) with PHP module (PHP 5 (>= 5.1) with
ldap, gettext, xml and optional mcrypt)
- some LAM plugins may require additional PHP extensions (you will get a
note on the login page if something is missing)
- Perl (optional, needed only for lamdaemon)
- OpenLDAP (>2.0)
- A web browser :-)
MCrypt will be used to store your LDAP password encrypted in the session file.
See docs/README.schema.txt for information about used LDAP schema files.
2. Installation
1. Extract package with:
tar xzf ldap-account-manager-<version>.tar.gz
2. Install the files
2a. Copy the files into the html-file scope of the webserver. For example
/apache/htdocs.
Set appropriate file permissions:
- lam/sess: write permission for apache user
- lam/tmp: write permission for apache user
- lam/config (with subdirectories): write permission for apache user
- lam/lib: lamdaemon.pl must be set executable (See also
docs/readme.lamdeamon.txt)
2b. You can also use the included configure script to install LAM. See
"./configure --help" for a list of install options.
3. Configure config.cfg and create a configuration profile.
Copy config.cfg_sample to config.cfg and lam.conf_sample to lam.conf.
Open the index.html in your web browser:
- Follow the link "LAM configuration" from the start page.
(The default passwords to edit all options is "lam")
- Select "Edit general settings" to setup global settings and to change the configuration master password.
- Select "Edit server profiles" to setup your server profiles. There should be the lam profile
which you just copied from the sample file. The default password is "lam". Now change the settings
to fit for your environment.
3. Setting up PHP
LAM runs with PHP5 (>= 5.1).
Needed changes in your php.ini:
* memory_limit = 64M

49
lam/README
View File

@ -19,53 +19,12 @@ LAM - Readme
Roland Gruber <post@rolandgruber.de>
Tilo Lutz <tilolutz@gmx.de>
Requirements:
PHP5 (>= 5.1)
Openldap (2.0 or greater)
A web-browser that supports CSS
Installation and documentation:
Please see the LAM manual in docs/manual/index.htm.
Summary:
With LAM you can easily manage user, group and machine accounts stored in
an LDAP directory over a web interface. At the moment it supports:
- managing user/group/host/domain entries
- filtering and sorting
- account profiles
- multiple configuration profiles
- tree viwer
- schema browser
- OU Editor
- account creation via file upload
- PDF export for all accounts
- manage user/group Quota and create home directories
Important:
Default password:
The default password to edit the configuration options is "lam".
Installation:
Please see the INSTALL file.
Documentation:
Basic documentation is available in the directory "docs".
Upgrade from older versions:
See docs/README.upgrade.txt for upgrade instructions.
Internationalisation:
If you want to use a translated version of LAM be sure to install the
needed locales. See the LAM "locale" directory for a list of supported locales and languages.
You can get a list of all installed locales on your sysem by executing: locale -a
Debian users can add locales with "dpkg-reconfigure locales".
Security:
It is strongly recommended to use a SSL connection to your web server.
LAM needs to store your LDAP user name + password in the session. The session
files are saved in sess/ and are accessible only by the web server. To increase
security username and password are encrypted with MCrypt/AES if available.
The key and IV are generated at random when you log in. They are stored in two
cookies.
Download:
You can get the newest version at http://www.ldap-account-manager.org/.
@ -75,4 +34,4 @@ LAM - Readme
Have fun!
The LAM devel team
The LAM development team

85
lam/docs/manual-sources/howto.xml
View File

@ -32,6 +32,46 @@
<member>Tilo Lutz &lt;tilolutz@gmx.de&gt;</member>
</simplelist>
<para><emphasis role="bold">Key features:</emphasis></para>
<itemizedlist>
<listitem>
<para>managing user/group/host/domain entries</para>
</listitem>
<listitem>
<para>account profiles</para>
</listitem>
<listitem>
<para>account creation via file upload</para>
</listitem>
<listitem>
<para>multiple configuration profiles</para>
</listitem>
<listitem>
<para>tree view</para>
</listitem>
<listitem>
<para>schema browser</para>
</listitem>
<listitem>
<para>OU editor</para>
</listitem>
<listitem>
<para>PDF export for all accounts</para>
</listitem>
<listitem>
<para>manage user/group Quota and create home directories</para>
</listitem>
</itemizedlist>
<para><emphasis role="bold">Requirements:</emphasis></para>
<simplelist>
@ -50,6 +90,10 @@
<para>LAM is published under the GNU General Public License. The complete
list of licenses can be found in the copyright file.</para>
<para><emphasis role="bold">Default password:</emphasis></para>
<para>The default password for the LAM configuration is "lam".</para>
<literallayout>
Have fun!
The LAM development team</literallayout>
@ -288,7 +332,7 @@ Have fun!
</section>
<section>
<title>Locales for non-Englisch translation</title>
<title>Locales for non-English translation</title>
<para>If you want to use a translated version of LAM be sure to
install the needed locales. The following table shows the needed
@ -808,34 +852,49 @@ Have fun!
configuration and account profiles</para>
<itemizedlist>
<listitem>LAM configuration passwords (SSHA hashed)</listitem>
<listitem>
LAM configuration passwords (SSHA hashed)
</listitem>
<listitem>default values for new accounts</listitem>
<listitem>
default values for new accounts
</listitem>
<listitem>directory must be accessibly by Apache but needs not to be
accessible by the browser</listitem>
<listitem>
directory must be accessibly by Apache but needs not to be accessible by the browser
</listitem>
</itemizedlist>
<para><emphasis role="bold">sess:</emphasis> PHP session files</para>
<itemizedlist>
<listitem>LAM admin password in clear text or MCrypt encrypted</listitem>
<listitem>
LAM admin password in clear text or MCrypt encrypted
</listitem>
<listitem>cached LDAP entries in clear text or MCrypt encrypted</listitem>
<listitem>
cached LDAP entries in clear text or MCrypt encrypted
</listitem>
<listitem>directory must be accessibly by Apache but needs not to be
accessible by the browser</listitem>
<listitem>
directory must be accessibly by Apache but needs not to be accessible by the browser
</listitem>
</itemizedlist>
<para><emphasis role="bold">tmp:</emphasis> temporary files</para>
<itemizedlist>
<listitem>PDF documents which may also include passwords</listitem>
<listitem>
PDF documents which may also include passwords
</listitem>
<listitem>images of your users</listitem>
<listitem>
images of your users
</listitem>
<listitem>directory contents must be accessible by browser but directory
itself needs not to be browseable</listitem>
<listitem>
directory contents must be accessible by browser but directory itself needs not to be browseable
</listitem>
</itemizedlist>
</section>
</appendix>