Ldap account manager (LAM) thinktank

Well I am designing LAM as a module for NS8, not really a big fan but a least it is an app still under development, phpldapadmin is quite dead now

We can authenticate either with a static list of admin that you set inside the configuration or you can either configure that any user of the ldap can authenticate

my fear is to see someone of the ldap allowed to list the user, for sure without permission to write you cannot change something, but you can read the address or the email of one of your coworker


a list of people allowed to login
any user of the ldap can login with their credential

1 Like

I’d vote for both, though rather than a static, user-entered list I’d prefer it be by group membership. If “both” isn’t a realistic option, I’d definitely favor limiting it to admins rather than it being open to everyone.

1 Like


AND, does this also apply to an external LDAP account provider?

No idea for now just tested the both case NS8 openldap and samba4 but since we retrieve from the ldap proxy the settings it should work at least in read mode

so this should fulfill my request here Req: PHPLadAdmin App Additional Ldap configs - Feature - NethServer Community