LDAP Account Manager (LAM) is a web-based LDAP administration tool that makes it easy to manage multiple LDAP server instances from a single interface. In this tutorial, we will be installing LAM on an OpenBSD server.
OpenBSD offers a package manager called pkg_add to install software packages. To install LAM and its dependencies, run the following command:
$ doas pkg_add php composer php-pdo_sqlite sqlite3
Note: doas is the recommended program to get root privileges on OpenBSD instead of sudo.
This command installs PHP, composer, and required PHP modules to run LAM on your OpenBSD server.
Now we need to download the LAM source code from the official website. To download the latest version of LAM, execute the following command:
$ git clone https://github.com/ldap-account-manager/lam.git /var/www/lam
To run LAM, you need to configure PHP's timezone and document root. To configure PHP, edit the /etc/php.ini file:
$ doas vim /etc/php.ini
Add the following lines at the end of the php.ini file:
date.timezone = "America/New_York" # Change the timezone to your region
extension=sqlite3
Then search for doc_root and change the value to /var/www/lam:
doc_root = "/var/www/lam"
Save and exit the file.
We need to set the correct permissions on the /var/www/lam directory to allow the web server to access the files. Run the following command:
$ doas chown -R www:www /var/www/lam
LAM is a web application so it requires a web server to serve the content. We will be using Nginx as our web server in this tutorial. If you don't have Nginx installed on your OpenBSD server, you can install it using the pkg_add nginx command.
Create a new server block configuration file for LAM in /etc/nginx/sites-available/lam. You can use the following command to create a new file:
$ doas vim /etc/nginx/sites-available/lam
Insert the following content into the new file:
server {
listen 80;
server_name lam.example.com; # Change it to your own domain name
root /var/www/lam;
location / {
index index.php;
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include fastcgi.conf;
fastcgi_pass 127.0.0.1:9000;
}
}
Save and exit the file.
Create a symbolic link to this newly created site configuration file:
$ doas ln -s /etc/nginx/sites-available/lam /etc/nginx/sites-enabled/lam
Restart the Nginx service:
$ doas rcctl enable nginx
$ doas rcctl restart nginx
Now you should be able to visit http://lam.example.com in your web browser and see the LAM login screen. Log in with your LDAP admin credentials and start managing your LDAP server with this easy-to-use web-based tool.
If you want to self-host in an easy, hands free way, need an external IP address, or simply want your data in your own hands, give IPv6.rs a try!
