Elias Pereira | 28 May 22:35 2015
Picon

Check who deleted a user

Hello guys,

How can I check in ldap account manager who was excluded that a certain user?

There is this option in LAM or is it the system logs?

--
Elias Pereira
------------------------------------------------------------------------------
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Gomez-Rubio, J L. | 28 May 17:13 2015

LAM self service SSH public key upload failed

Roland,

I have SSH public key self service upload enabled and when I attempt to upload my public key, a pop up window with the word “undefined” shows up.

The red text reads: “id_rsa.pub 0.4kb Upload failed”.

How do I fix this error?

Thank you for your reply.

Jose
------------------------------------------------------------------------------
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Gomez-Rubio, J L. | 22 May 15:48 2015

Automatic shadow and password self reset extension activation for new accounts?

Roland,

I’ve enabled the User modules of Shadow and Password self reset.

When I create a new user account, I have to manually enable shadow account extension and password self reset extension for the newly created account.

Is there a way to have LAM activate the shadow and password self reset extensions automatically?

Thank you for your reply.

Jose
------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Roland Gruber | 21 May 17:32 2015
Picon

Re: LAM in IIS

Hi Christopher,

there is no real support for LAM on IIS. You can try to make the
directories writable for everybody and check if it is really a rights issue.
But the best solution is to use some Linux.

Best regards

Roland

On 21.05.2015 15:54, Christopher CLINE wrote:
> Sorry for the double post. Didn't realize I sent as HTML yesterday. Checked the archive page and the
message wasn't visible.
> 
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 
> Hello. First time posting here, so be gentle please.
> 
> I'm trying to find an web-based LDAP Admin tool that can run in IIS (7 or later), and am wondering if LAM is a
possibility. 
> 
> I looked through the documentation, and didn't see anything that explicitly said it couldn't run in IIS.
But there were no Windows-specific instructions either.
> 
> I have PHP 5.6 installed, and I copied the contents of v4.9 of the Tar.bz2 file to a sub-folder under
c:\inetpub\wwwroot. I tried to access index.php, but was taken to templates/login.php and shown 2 error messages:
> 
> (x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/sess is not writable for the web
server. Please change your file permissions.
> (x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/tmp is not writable for the web
server. Please change your file permissions.
> 
> I checked the Windows folder permissions and both "NETWORK SERVICE" and "IIS_IUSRS" have Write
permission to these folders.
> 
> Questions:
> 
> 1. Am I doing something wrong, or am I barking up the wrong tree with LAM in IIS?
> 2. If this is not a possibility, can anyone recommend an LDAP web GUI that will run in IIS?
> 
> Thanks.
> 
> CHRISTOPHER CLINE
> Lead Developer | Americas
> 
> e christopher.cline@...   
> internationalsos.com 
> 
> INTERNATIONAL SOS
> WORLDWIDE REACH. HUMAN TOUCH.
> 
> DOWNLOAD ASSISTANCE APP for one-touch routine or emergency assistance worldwide -- travel, health and
security information at your fingertips!
> 
> 
> ------------------------------------------------------------------------------
> One dashboard for servers and applications across Physical-Virtual-Cloud 
> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> Lam-public mailing list
> Lam-public@...
> https://lists.sourceforge.net/lists/listinfo/lam-public
> 

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Christopher CLINE | 21 May 15:54 2015

LAM in IIS

Sorry for the double post. Didn't realize I sent as HTML yesterday. Checked the archive page and the message
wasn't visible.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hello. First time posting here, so be gentle please.

I'm trying to find an web-based LDAP Admin tool that can run in IIS (7 or later), and am wondering if LAM is a
possibility. 

I looked through the documentation, and didn't see anything that explicitly said it couldn't run in IIS.
But there were no Windows-specific instructions either.

I have PHP 5.6 installed, and I copied the contents of v4.9 of the Tar.bz2 file to a sub-folder under
c:\inetpub\wwwroot. I tried to access index.php, but was taken to templates/login.php and shown 2 error messages:

(x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/sess is not writable for the web
server. Please change your file permissions.
(x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/tmp is not writable for the web
server. Please change your file permissions.

I checked the Windows folder permissions and both "NETWORK SERVICE" and "IIS_IUSRS" have Write
permission to these folders.

Questions:

1. Am I doing something wrong, or am I barking up the wrong tree with LAM in IIS?
2. If this is not a possibility, can anyone recommend an LDAP web GUI that will run in IIS?

Thanks.

CHRISTOPHER CLINE
Lead Developer | Americas

e christopher.cline@...   
internationalsos.com 

INTERNATIONAL SOS
WORLDWIDE REACH. HUMAN TOUCH.

DOWNLOAD ASSISTANCE APP for one-touch routine or emergency assistance worldwide -- travel, health and
security information at your fingertips!

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
Christopher CLINE | 20 May 23:07 2015

LAM in IIS

Hello. First time posting here, so be gentle please.

 

I’m trying to find an web-based LDAP Admin tool that can run in IIS (7 or later), and am wondering if LAM is a possibility.

 

I looked through the documentation, and didn’t see anything that explicitly said it couldn’t run in IIS. But there were no Windows-specific instructions either.

 

I have PHP 5.6 installed, and I copied the contents of v4.9 of the Tar.bz2 file to a sub-folder under c:\inetpub\wwwroot. I tried to access index.php, but was taken to templates/login.php and shown 2 error messages:

 

(x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/sess is not writable for the web server. Please change your file permissions.

(x) The directory C:\inetpub\wwwroot\ldap-account-manager-4.9/tmp is not writable for the web server. Please change your file permissions.

 

I checked the Windows folder permissions and both “NETWORK SERVICE” and “IIS_IUSRS” have Write permission to these folders.

 

Questions:

 

1.       Am I doing something wrong, or am I barking up the wrong tree with LAM in IIS?

2.       If this is not a possibility, can anyone recommend an LDAP web GUI that will run in IIS?

 

Thanks.

 

 

CHRISTOPHER CLINE

Lead Developer | Americas

 

t +1 215 942 8080

e christopher.cline-vppm1TVqICDfma5lwuLqA1aTQe2KTcn/@public.gmane.org  

Philadelphia Assistance Center: +1 215 942 8226

internationalsos.com

 

INTERNATIONAL SOS

WORLDWIDE REACH. HUMAN TOUCH.

 

DOWNLOAD ASSISTANCE APP for one-touch routine or emergency assistance worldwide -- travel, health and security information at your fingertips!

 

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Gomez-Rubio, J L. | 20 May 17:34 2015

Self Service new user setup does not ask for security questions

Roland,


I created a new user. Was able to create new user with URL link. It never asks for me for security questions. Is this by design? I don’t have an error messages in /var/tmp/lam.log file. Here is what is says:

2015-05-20 10:32:52: LDAP Account Manager ( - 192.168.1.102) - DEBUG: Calling URL detected as https://ldap.example.com/lam/templates/selfService/selfServiceSP.php?scope=user&name=SelfService&page=passwordSelfReset&language=en_US.utf8

To test “Forgot Password?” link, I get "Unable to find password security question for this account” because I never prompted to choose a security question for the newly added user.

Below is what I’ve done before creating new user.

Thank you for your help on this.

Jose


I added the schema in slaps.conf:

include /etc/openldap/schema/passwordSelfReset.schema

Added the ACL in slapd.conf:

access to *
     by dn.base="uid=replication,ou=accounts,dc=example,dc=com" read
     by * break

access to attrs=userPassword,shadowLastChange,pwdAccountLockedTime
  by self write
  by anonymous auth
  by * none

access to attrs=homeDirectory,uidNumber,gidNumber
  by * read

access to *
  by self write
  by * read

Added Password self reset (passwordSelfReset) module in Server profile: lam

Added Security settings to Password self reset in Module Settings in Server profile: lam

Checked “Enable password self reset link”  in Self service configuration editor in Page Layout: 
Enable password self reset link

Added Password Reset group and questions in Self service configuration editor in Page layout:

Password self reset: Question
Password self reset: Answer



------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Gomez-Rubio, J L. | 15 May 19:41 2015

value #0 invalid per syntax

Roland,

Using version 4.9 of LAM Pro. Excellent management tool.

I have an issue using the Hosts module for Users. I am using Group of names (groupOfName)(*) and Unix (rfc2307bisPosixGroup) schemas.

When I attempt to add a host extension for myself, it fails with following error:

May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 fd=21 ACCEPT from IP=127.0.0.1:33087 (IP=0.0.0.0:389)
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=0 EXT oid=1.3.6.1.4.1.1466.20037
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=0 STARTTLS
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=0 RESULT oid= err=0 text=
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 fd=21 TLS established tls_ssf=256 ssf=256
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=1 BIND dn="cn=Manager,dc=example,dc=com" method=128
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=1 BIND dn="cn=Manager,dc=example,dc=com" mech=SIMPLE ssf=0
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=1 RESULT tag=97 err=0 text=
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=2 SRCH base="ou=group,dc=example,dc=com" scope=2 deref=0 filter="(&(cn=*)(objectClass=posixGroup))"
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=2 SRCH attr=cn dn
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=2 SEARCH RESULT tag=101 err=0 nentries=2 text=
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=3 MOD dn="cn=jgomezrubio,ou=People,dc=example,dc=com"
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=3 MOD attr=objectClass host
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=3 RESULT tag=103 err=21 text=objectClass: value #0 invalid per syntax
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 op=4 UNBIND
May 15 12:13:25 ht-ldap-0 slapd[10741]: conn=1010 fd=21 closed

Since the posixGroup and groupOfNames are mutually exclusive, there is no way to make the user Hosts module work with rfc2307bisPosixGroup?

Jose

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Edlund, Jeff | 6 May 19:16 2015

FW: Tabs displayed incorrectly in IE11

Hello,

When we use LAM with Firefox/Chrome everything display correctly.   But for our users that use IE as their
default browser, the tabs within a User's account do not display normally.
That is, in Internet Explorer 11 - the Personal, Unix, & Shadow tabs appear as screen-wide button above a
User's settings.
(I attached a screenshot - if the mailing list accepts them)

Is this a known issue with using LAM with IE ?  Or is there another way to correctly this display inconsistency?

LAM Pro: 4.8
PHP: 5.4.39
OpenLDAP: 2.3.43
Server: RedHat Ent Linux 6.6

Thank you,

Jeff G. Edlund
Programmer, Pharmacy Software
Thrifty White Drug Stores, Inc.

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Fabien Morcamp | 6 May 15:55 2015
Picon

Admin account

Dear all,

I'm new on LDAP Account Manager and I have a question about it.

We would like to use it to manage one of our openldap with a userfriendly web interface.

I install it and access to manage page.

In "server profile", in "Security settings" section, I give a list of 4 account which I want to allow to connect on LAM and manage account.

When I go back on login page, I can connect without any problem with one of this account.

I can see all ldap account in the home page.
If I select one, try to add a new information for an account but when I click on "Save" I have this error:

Was unable to add attributes to DN: uid=user,ou=unit,dc=domain=com.
LDAP error, server says: Insufficient access

Is it a problem of file permissions or account permission ?

Files in /var/lib/ldap-account-manager are already owned by www-data.

And I don't find how can I add this account to be "Administrator" in LAM...
Or add the "ldapbind_ser" administrator account to be Administrator in LAM.

I search in PDF documentation file but don't find an answear on that.

Can you explain how it works ?

Thanks a lot.

Regards,
Fabien

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public
Edlund, Jeff | 27 Apr 22:23 2015

Tabs displayed incorrectly in IE11

Hello,

 

When we use LAM with Firefox/Chrome everything display correctly.   But for our users that use IE as their default browser, the tabs within a User’s account do not display normally.

That is, in Internet Explorer 11 - the Personal, Unix, & Shadow tabs appear as screen-wide button above a User’s settings.

(I attached a screenshot - if the mailing list accepts them)

 

Is this a known issue with using LAM with IE ?  Or is there another way to correctly this display inconsistency?

 

LAM Pro: 4.8

PHP: 5.4.39

OpenLDAP: 2.3.43

Server: RedHat Ent Linux 6.6

 

 

Thank you,

 

Jeff G. Edlund
Programmer, Pharmacy Software
Thrifty White Drug Stores, Inc.

 

 

------------------------------------------------------------------------------
One dashboard for servers and applications across Physical-Virtual-Cloud 
Widest out-of-the-box monitoring support with 50+ applications
Performance metrics, stats and reports that give you Actionable Insights
Deep dive visibility with transaction tracing using APM Insight.
http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
_______________________________________________
Lam-public mailing list
Lam-public@...
https://lists.sourceforge.net/lists/listinfo/lam-public

Gmane