Big picture

Overview

LAM has two major areas:

- Admin interface to manage all sorts of different LDAP entries (e.g. users/groups/hosts)
- Self service (LAM Pro) where end users can edit their own data

Admin interface

This is the main part of the application. It allows you to manage a large list of LDAP entries (e.g. users, groups, DNS entries, ...). This part is accessed by LDAP admins and support staff.

Functional areas:

- Account tabs: These tabs allow you to switch between different account types
- Tree view: Provides an LDAP browser to edit LDAP entries on attribute level
- Tools menu: Contains useful tools such as profile and PDF editor
- Help: Link to manual
- Logout: Logout of the application
- List view: Lists all entries of the selected account type (e.g. users)
- List configuration: Configuration settings for list view (e.g. number of entries per page)
- Filter: Filter boxes allow you to enter simple filters like "a*"

Self Service

The self service provides a simple interface for your users to edit their own data (e.g. telephone number). It also supports user self registration and password reset functionality. You can fully customize the layout of the self service page.

Configuration

Configuration is done on multiple levels:

- Global: Effective for all parts of LAM (e.g. logging and password policy). Configured via LAM admin login -> LAM configuration -> Edit general settings.
- Server profile: All settings for an LDAP connection (e.g. server name, LDAP suffixes, account types/modules to activate) in the admin interface. There may be multiple server profiles for one LDAP server (e.g. for multiple departments, different user groups, ...). Configured via LAM admin login -> LAM configuration -> Edit server profile.
- Self service: All settings for a self service interface (e.g. fields that can be edited, password reset functionality, ...). Configured via LAM admin login -> LAM configuration -> Edit self service.
- Profiles: Account profiles store default values for new LDAP entries.
- PDF structures: PDF structures define the layout and list of data fields to include in PDF export.

Glossary

Here you can find a list of common terms used in LAM.

Term: Description
Account module: Plugin for a specific account type (e.g. Unix plugin for user type)
Account type: Type of an LDAP entry (e.g. user/group/host)
Admin interface: LAM webpages for admin user (e.g. to create new users)
Lamdaemon: Support script to manage user file system quotas and create home directories
PDF editor: Manages PDF structures
PDF export: Exports an entry to PDF by using a PDF structure
PDF structure: Defines the layout and list of data fields to include in PDF export
Profile: Template for creation of LDAP entries, contains default values
Profile editor: Manages profiles for all account types
Self Service: LAM webpages for normal users where they can edit their own data
Self service profile: Configuration for self service pages (multiple configurations can exist)
Tree view: LDAP browser that allows you to modify LDAP entries on attribute/object class level

Architecture

There are basically two groups of users for LAM:

- LDAP administrators and support staff: These people administer LDAP entries like user accounts, groups, ...
- Users: This includes all people who need to manage their own data inside the LDAP directory. E.g. these people edit their contact information with LAM self service (LAM Pro).

Therefore, LAM is split into two separate parts, LAM for admins and for users. LAM for admins allows you to manage various types of LDAP entries (e.g. users, groups, hosts, ...). It also contains tools like batch upload, account profiles, LDAP schema viewer and an LDAP browser. LAM for users focuses on end users. It provides a self service for the users to edit their personal data (e.g. contact information). The LAM administrator is able to specify what data may be changed by the users. The design is also adaptable to your corporate design.

LAM for admins/users is accessible via HTTP(S) by all major web browsers (Firefox, IE, Opera, ...).

- LAM runtime environment: LAM runs on PHP. Therefore, it is independent of CPU architecture and operating system (OS). You can run LAM on any OS which supports Apache, Nginx or other PHP compatible web servers.
- Home directory server: You can manage user home directories and their quotas inside LAM. The home directories may reside on the server where LAM is installed or any remote server. The commands for home directory management are secured by SSH. LAM will use the user name and password of the logged in LAM administrator for authentication.
- LDAP directory: LAM connects to your LDAP server via standard LDAP protocol. It also supports encrypted connections with SSL and TLS.