General Questions
Is LAM open source?
Yes, LAM is available under the GPL license. LAM Pro is a commercial offering that comes with full source code included but requires purchasing a license.
What is the difference between LAM and LAM Pro?
LAM provides a basic set of features that already fulfil many use-cases. LAM Pro provides more advanced features like additional modules, self-service and white pages. See our feature matrix for the exact differences: https://www.ldap-account-manager.org/lamcms/featureMatrix
Does LAM offer commercial support?
LAM provides community support via the mailing list. The Pro version includes email support.
Can I change LAM's color theme and put my own logo?
Please see the manual, appendix "Adapt LAM to your corporate design". You can integrate your own CSS and JS files. Self-service and white pages allow color changes by configuration.
Is there a mobile app version of LAM available?
LAM supports the progressive web application (PWA) standard. Mobile browsers that support PWA offer to install LAM like a native app.
Features
Is there a possibility to upload entries in batch?
LAM supports creating entries via CSV file upload. Just use your favorite spreadsheet application and import the data to your LDAP server. You can download a sample CSV file on the file upload screen.
I created my own custom LDAP schema, can LAM support it?
Sure, our custom type and custom fields modules (LAM Pro) were created for this use-case. Here you can define what object classes and attributes are part of your custom LDAP schema. LAM supports a wide range of possible LDAP attribute types (text, number, selections, ...), all with custom labels and even help text for your users.
Do you support SUSE's rfc2307bis LDAP schema?
Yes, LAM Pro contains special modules (e.g. for Unix groups and automount) to allow you to manage this data with LAM. See our manual for details.
Which SMS gateways are supported for password sending?
We support AWS SNS, GatewayAPI, SMSAPI, SMSBOX, Twilio and providers that support email-to-SMS.
Self-Service (LAM Pro)
Can users reset their passwords via self-service?
Yes, LAM Pro self-service allows an easy and secure way to reset passwords. Users can set up security questions and/or confirm their request by clicking on a link sent by email or SMS.
Can users register themselves via self-service?
Absolutely, the LAM Pro self-service can be used to allow users to register their own account. You can define what kind of data needs to be provided. In addition, admins can approve the requests if needed.
Is there a possibility for users to request access to groups via self-service?
Sure, the request access module allows users to request group membership and also ownership. The requests can be approved by the group owners and/or by a central admin team. You can also limit the access to a given period of time. LAM will remove the membership when it expires.
Besides editing data, is there a possibility to display some data read-only?
Yes, self-service fields can be marked as read-only. This way, data is visible to the user but cannot be changed.
White Pages (LAM Pro)
Is anonymous access possible?
Yes, you can specify a technical user for the directory access and disable user authentication.
Can white pages be restricted to authenticated users?
Yes, you can configure authentication and also 2-factor-authentication if needed.
Is it possible to create different configurations for different purposes/user groups?
Sure, you can create multiple configurations that are fully independent. This way you can create e.g. a public user directory and a group directory that requires authentication.
Besides users, what else can I show in white pages?
This is fully up to you as white pages is fully configurable. It can display any kind of LDAP data. You can use it to display rooms, servers, DNS entries and much more.
Installation
Which LDAP servers are supported?
LAM supports a wide range of LDAP servers as LDAP itself is a standardized protocol. This includes e.g. OpenLDAP, 389ds, Samba 4 and Active Directory.
Does LAM support Active Directory?
Yes, Active Directory is fully supported (Microsoft and Samba). You can manage e.g. users and groups there. The self-service and white pages support it, too.
Does LAM run on Docker or Kubernetes?
Yes, we provide ready-to-use images for LAM and LAM Pro. See here: https://github.com/LDAPAccountManager/docker/pkgs/container/lam
How can I migrate from one server to another?
Please use the configuration export and import. This way you can migrate all your settings to the new system. You can find it on LAM's configuration screen.
LAM Pro Licensing and Installation
How do I upgrade from LAM to LAM Pro?
The upgrade is as simple as a version upgrade. Please install the LAM Pro package and enter your license key afterwards.
Note that LAM Pro is shipped with different installation files: https://www.ldap-account-manager.org/lamcms/LAMProReleases
How do I downgrade from LAM Pro to LAM?
Sad to see you go. Please send us some short feedback about the reasons to help us get better. The downgrade is as simple as a version upgrade. Please install the free LAM package from the public download location: https://www.ldap-account-manager.org/lamcms/releases
Which license is required to install LAM Pro on a Docker container, Kubernetes pod or virtual server?
We count virtual servers the same as physical servers. If you start up a single Docker container, Kubernetes pod or VM then this requires a single machine subscription. If you run LAM on e.g. multiple VMs, containers or Kubernetes pods then this also requires multiple single machine subscriptions (or a company subscription).
Are there special licenses for non-production environments and testing?
Yes, each single machine subscription can be installed on up to 2 non-production servers. This way, you can perform e.g. upgrade or configuration tests in a separate environment at no extra cost.
Company subscriptions have no limit anyway.
Does LAM Pro include the full source code?
Yes, LAM Pro ships with its full source code. This means that you can make adaptations where needed. LAM Pro code and parts of it must not be made publicly available without approval.
Security
Does LAM support 2-factor-authentication?
Yes, we support Duo, Okta, OpenID, privacyIDEA, WebAuthn and YubiKey. OpenID is very common and offered by many identity providers (e.g. Keycloak).
Is there support for Keycloak?
Yes, you can use Keycloak as 2-factor-authentication provider using the OpenID integration.
Is there support for STARTTLS and ldaps://?
Yes, both mechanisms to encrypt the network connection between LAM and the LDAP server are supported.
How about SELinux?
You can run LAM with SELinux in enforcing mode. Please see the security appendix in our manual for documentation to set it up.
Technical Issues
I lost my LAM configuration password (main configuration or server profile)
Please see our manual, troubleshooting appendix. Here you can find the required steps to reset LAM's configuration password.
Errors (e.g. object class violation/invalid syntax) when saving accounts
Probably, your LDAP server does not offer the required LDAP object classes and attributes.
To check the LDAP schema, open Tools -> Tests -> Schema test and check if any errors are reported.
See the LAM manual for the required schema files.
LDAP + SSL does not work.
Please see the security appendix in our manual. Custom CAs must be trusted for this to work.
LAM just returns a blank page
The application includes several checks to prevent attacks (e.g. session hijacking). Whenever it detects such a situation it will log the incident and return no content. Please set up logging in LAM's main configuration and check what caused the problem. E.g. LAM will block requests if your IP changes during a running session.
Another issue could be that a severe error happened. In this case it will be logged in your Apache error log (e.g. /var/log/apache2/error.log).
See our support section to get help.
The configuration cannot be saved (error message "The config file is not writable").
Please check if your file permissions are set up correctly. LAM needs to edit files in the folder "config" (located in /var/lib/ldap-account-manager for RPM/DEB). The webserver user must be able to edit these files and create new ones.
If you get this error even though the file permissions are ok, then please check if you have SELinux activated (default for some RPM-based distributions). In this case you need to add a rule that allows the webserver to edit the files.
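The two checks above as a script. This is an added example, not part of LAM or its manual: it lists every file and folder below the config folder that a given user has no write bit for and reports the SELinux mode. The user name www-data in the usage comment is an assumption (use your distribution's webserver user), and the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not LAM code. Needs GNU stat (Linux); ignores ACLs.

# can_write PATH [USER]: succeeds if USER (default: current user) has a
# write bit on PATH, judged from owner, group and mode like the kernel does.
can_write() {
    [ -e "$1" ] || return 2
    uid=$(id -u ${2:+"$2"}) || return 2
    gids=" $(id -G ${2:+"$2"}) "
    set -- $(stat -c '%u %g %a' "$1")    # now: $1=owner uid $2=group gid $3=mode
    m=$((0$3))                           # read the mode as an octal number
    if [ "$uid" -eq "$1" ]; then
        bit=$((m & 0200))                # owner class applies exclusively
    else
        case "$gids" in
            *" $2 "*) bit=$((m & 0020)) ;;
            *)        bit=$((m & 0002)) ;;
        esac
    fi
    [ "$bit" -ne 0 ]
}

# lam_unwritable DIR [USER]: print every file and folder below DIR that USER
# cannot write. The folder itself matters too: new files need its write bit.
lam_unwritable() {
    find "$1" \( -type d -o -type f \) | while IFS= read -r p; do
        can_write "$p" "$2" || printf '%s\n' "$p"
    done
}

# selinux_mode: print Enforcing, Permissive or Disabled ("absent" if the
# SELinux tools are not installed).
selinux_mode() {
    if command -v getenforce >/dev/null 2>&1; then getenforce; else echo absent; fi
}

# Usage: sh check.sh /var/lib/ldap-account-manager/config www-data
# (www-data is an assumption; pass your webserver's user)
if [ "$#" -eq 2 ]; then
    lam_unwritable "$1" "$2"
    echo "SELinux: $(selinux_mode)"
fi
```

If the script prints no paths and the mode is Enforcing, the file permissions are fine and the missing SELinux rule is the likely cause.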