Configuration of the LDAP Account Manager
Change master password
Click on "LAM configuration" in the upper right corner.
Click "Edit general settings".
The Master password is "lam".
Scroll down to "Change master password" and enter your desired password two times.
The password will be saved in cleartext in a configuration file of LAM.
Add certificates
The communication with the OpenLDAP server over SSL didn't work. So finally I added two certificates. The CA, which I simply uploaded (Choose file --> "Upload") and the certificate of the Domain Controller (enter ldaps://openldap.simmy.ch --> "Import from server").
Scroll down and click "Ok". Restart the Apache server:
systemctl restart apache2
Create a profile for OpenLDAP
Click on "LAM configuration" in the upper right corner.
Click on "Edit server profiles".
Click on "Manage server profiles".
Enter these options:
- Profile name --> OpenLDAP
- Profile password --> your password here
- Reenter password --> your password here
- Template --> choose Template "unix" for OpenLDAP
- Add
The password will be saved in cleartext in a configuration file of LAM.
Configuration of the profile for OpenLDAP
General settings
Server settings
Server address --> ldap://openldap.simmy.ch:389
Tool settings
Tree suffix: DC=simmy,DC=ch
Security settings
Login method: Fixed list
List of valid users:
cn=admin,dc=simmy,dc=ch
cn=binduser,ou=Users,dc=simmy,dc=ch
cn=Holger Schindler,ou=Users,dc=simmy,dc=ch
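The server address, tree suffix and login list above can be sanity-checked before saving. The following Python sketch is an added example, not part of the original page or of LAM: it flags a plaintext server URL and any login DN that does not lie under the tree suffix. The function names and the start_tls parameter are assumptions (the page does not say whether StartTLS is enabled for the profile).

```python
# Added example (not LAM code): pre-flight check of the profile values on this page.
from urllib.parse import urlsplit

def split_dn(dn):
    """Split a DN into (attribute, value) pairs, honouring backslash-escaped commas."""
    parts, cur, escaped = [], "", False
    for ch in dn:
        if escaped:
            cur, escaped = cur + ch, False
        elif ch == "\\":
            cur, escaped = cur + ch, True
        elif ch == ",":
            parts.append(cur)
            cur = ""
        else:
            cur += ch
    parts.append(cur)
    # Assumption: cn/ou/dc compare case-insensitively, so lower-casing is a safe normalisation.
    return [tuple(p.strip().lower() for p in rdn.partition("=")[::2]) for rdn in parts]

def is_under(dn, suffix):
    """True if dn equals suffix or sits below it in the tree."""
    d, s = split_dn(dn), split_dn(suffix)
    return len(d) >= len(s) and d[len(d) - len(s):] == s

def check_profile(server_url, start_tls, suffix, valid_users):
    """Return a list of (code, detail) findings; an empty list means no issue found."""
    findings = []
    scheme = urlsplit(server_url).scheme.lower()
    if scheme not in ("ldap", "ldaps"):
        findings.append(("BAD_SCHEME", server_url))
    elif scheme == "ldap" and not start_tls:
        # Simple binds over plain ldap:// expose the login password on the wire.
        findings.append(("PLAINTEXT_BIND", server_url))
    for dn in valid_users:
        if not is_under(dn, suffix):
            findings.append(("DN_OUTSIDE_SUFFIX", dn))
    return findings

# Values as shown on this page.
SUFFIX = "DC=simmy,DC=ch"
USERS = [
    "cn=admin,dc=simmy,dc=ch",
    "cn=binduser,ou=Users,dc=simmy,dc=ch",
    "cn=Holger Schindler,ou=Users,dc=simmy,dc=ch",
]

if __name__ == "__main__":
    for url in ("ldap://openldap.simmy.ch:389", "ldaps://openldap.simmy.ch"):
        print(url, check_profile(url, False, SUFFIX, USERS))
```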
Account types
Create the OU groups before doing this:
These two LDAP suffixes have to be set:
- CN=Users,DC=simmy,DC=ch
- OU=Groups,DC=simmy,DC=ch
Modules
Nothing to change here.
Module settings
Nothing to change here.
Final
Click "Save" and log in to your profile "OpenLDAP". You will have to enter the password of the Administrator.
Useful links
https://www.unixmen.com/setup-samba-domain-controller-with-openldap-backend-in-ubuntu-13-04/
https://www.ldap-account-manager.org/lamcms/howto
https://computingforgeeks.com/install-and-configure-ldap-account-manager-on-ubuntu/
https://www.ldap-account-manager.org/lamcms/documentation
https://www.ldap-account-manager.org/static/doc/manual.pdf