starred/lldap-lldap
1
0
Fork 0
mirror of https://github.com/lldap/lldap.git synced 2026-04-25 16:25:55 +03:00
Code Issues 101 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #886] [INTEGRATION] Trying to use LLDAP with LAM (Ldap Account Manager) #321

New issue
Closed
opened 2026-02-27 08:16:38 +03:00 by kerem · 1 comment
kerem commented 2026-02-27 08:16:38 +03:00
Owner
Copy link

Originally created by @esp13 on GitHub (Mar 29, 2024).
Original GitHub issue: https://github.com/lldap/lldap/issues/886

Description of the service
I know that I can access to the integrated web gui of lldap (on the default 17170 port) but I'm a beginner so I wanted to get a more visual gui display of my ldap directory.
I saw that LAM https://github.com/LDAPAccountManager/lam (Ldap Account Manager) has a "treeview" and wanted to give it a try with my lldap homeserver.
But again, I have difficulties to configure it correctly, I can see users but the groups nor the treeview are working.
Maybe adding a working configuration for LAM in https://github.com/lldap/lldap/tree/main/example_configs could be useful for other beginners :)

What you've tried

I have this in my configuration file (I display here only what seems relevant to my issue) (file generated from the configuration from the web gui of LAM):

ServerURL: ldap://lldapserveraddress:lldapserverport

serverDisplayName:

Admins: uid=admin,ou=people,dc=mysubdomain,dc=mydomain,dc=org

activeTypes: user,group

loginSearchSuffix: ou=people,dc=mysubdomain,dc=mydomain,dc=org

loginSearchFilter: uid=%USER%

loginSearchDN: uid=mylldapadmin,ou=people,dc=mysubdomain,dc=mydomain,dc=org

loginSearchPassword: thepasswordofmylldapadmin

httpAuthentication: false

modules: posixGroup_group_gidGenerator: range
modules: posixGroup_group_minGID: 10000
modules: posixGroup_group_maxGID: 20000
modules: posixGroup_group_hidememberUid: false
modules: posixAccount_user_uidGeneratorUsers: range
modules: posixAccount_user_minUID: 10000
modules: posixAccount_user_maxUID: 30000
modules: posixAccount_user_userNameSuggestion: @givenname@%sn%
modules: posixAccount_user_hidegecos: false
modules: posixAccount_user_hidepassword: false

types: suffix_user: ou=people,dc=mysubdomain,dc=mydomain,dc=org
types: attr_user: #uid;#givenName;#sn;#uidNumber;#gidNumber
types: modules_user: inetOrgPerson,posixAccount,shadowAccount
types: suffix_group: ou=groups,dc=mysubdomain,dc=mydomain,dc=org
types: attr_group: #cn;#gidNumber;#memberUID;#description
types: modules_group: posixGroup
types: customLabel_user:
types: filter_user:
types: customLabel_group: 
types: filter_group:
types: hidden_user:
types: hidden_group:
tools: treeViewSuffix: dc=mysubdomain,dc=mydomain,dc=org

What's not working

  • In LAM web gui I can see users but some fields seems missing.

  • In LAM web gui the groups nor the treeview aren't displayed.

  • In lldap logs I get a lot of warnings, for example:
    `WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: departmentnumber\n\

                     To disable this warning, add it to "ignored_user_attributes" in the config.

WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: ou\n\

                   To disable this warning, add it to "ignored_user_attributes" in the config.

WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: o\n\

                   To disable this warning, add it to "ignored_user_attributes" in the config.

WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: title\n\

                   To disable this warning, add it to "ignored_user_attributes" in the config.

WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: employeetype\n\

                   To disable this warning, add it to "ignored_user_attributes" in the config.

WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: businesscategory\n\

                   To disable this warning, add it to "ignored_user_attributes" in the config.

DEBUG │ │ ┝━ expand_attribute_wildcards [ 4.87µs | 0.00% ] ldap_attributes: ["departmentNumber", "ou", "o", "title", "employeeType", "businessCategory"]`

Originally created by @esp13 on GitHub (Mar 29, 2024). Original GitHub issue: https://github.com/lldap/lldap/issues/886 **Description of the service** I know that I can access to the integrated web gui of lldap (on the default 17170 port) but I'm a beginner so I wanted to get a more visual gui display of my ldap directory. I saw that LAM https://github.com/LDAPAccountManager/lam (Ldap Account Manager) has a "treeview" and wanted to give it a try with my lldap homeserver. But again, I have difficulties to configure it correctly, I can see users but the groups nor the treeview are working. Maybe adding a working configuration for LAM in https://github.com/lldap/lldap/tree/main/example_configs could be useful for other beginners :) **What you've tried** I have this in my configuration file (I display here only what seems relevant to my issue) (file generated from the configuration from the web gui of LAM): ``` ServerURL: ldap://lldapserveraddress:lldapserverport serverDisplayName: Admins: uid=admin,ou=people,dc=mysubdomain,dc=mydomain,dc=org activeTypes: user,group loginSearchSuffix: ou=people,dc=mysubdomain,dc=mydomain,dc=org loginSearchFilter: uid=%USER% loginSearchDN: uid=mylldapadmin,ou=people,dc=mysubdomain,dc=mydomain,dc=org loginSearchPassword: thepasswordofmylldapadmin httpAuthentication: false modules: posixGroup_group_gidGenerator: range modules: posixGroup_group_minGID: 10000 modules: posixGroup_group_maxGID: 20000 modules: posixGroup_group_hidememberUid: false modules: posixAccount_user_uidGeneratorUsers: range modules: posixAccount_user_minUID: 10000 modules: posixAccount_user_maxUID: 30000 modules: posixAccount_user_userNameSuggestion: @givenname@%sn% modules: posixAccount_user_hidegecos: false modules: posixAccount_user_hidepassword: false types: suffix_user: ou=people,dc=mysubdomain,dc=mydomain,dc=org types: attr_user: #uid;#givenName;#sn;#uidNumber;#gidNumber types: modules_user: inetOrgPerson,posixAccount,shadowAccount types: suffix_group: ou=groups,dc=mysubdomain,dc=mydomain,dc=org types: attr_group: #cn;#gidNumber;#memberUID;#description types: modules_group: posixGroup types: customLabel_user: types: filter_user: types: customLabel_group: types: filter_group: types: hidden_user: types: hidden_group: tools: treeViewSuffix: dc=mysubdomain,dc=mydomain,dc=org ``` **What's not working** - In LAM web gui I can see users but some fields seems missing. - In LAM web gui the groups nor the treeview aren't displayed. - In lldap logs I get a lot of warnings, for example: `WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: departmentnumber\n\ To disable this warning, add it to "ignored_user_attributes" in the config. WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: ou\n\ To disable this warning, add it to "ignored_user_attributes" in the config. WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: o\n\ To disable this warning, add it to "ignored_user_attributes" in the config. WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: title\n\ To disable this warning, add it to "ignored_user_attributes" in the config. WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: employeetype\n\ To disable this warning, add it to "ignored_user_attributes" in the config. WARN │ │ ┝━ 🚧 [warn]: Ignoring unrecognized group attribute: businesscategory\n\ To disable this warning, add it to "ignored_user_attributes" in the config. DEBUG │ │ ┝━ expand_attribute_wildcards [ 4.87µs | 0.00% ] ldap_attributes: ["departmentNumber", "ou", "o", "title", "employeeType", "businessCategory"]`
kerem 2026-02-27 08:16:38 +03:00
kerem commented 2026-02-27 08:16:39 +03:00
Author
Owner
Copy link

@nitnelave commented on GitHub (Aug 16, 2024):

LLDAP is known to not work very well with generic LDAP viewers: it doesn't implement a lot of the details that viewers rely on to dynamically discover the structure. This is not an area of focus for LLDAP, the recommended viewing interface is the provided web UI.

<!-- gh-comment-id:2294371040 --> @nitnelave commented on GitHub (Aug 16, 2024): LLDAP is known to not work very well with generic LDAP viewers: it doesn't implement a lot of the details that viewers rely on to dynamically discover the structure. This is not an area of focus for LLDAP, the recommended viewing interface is the provided web UI.
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
dependabot/github_actions/codecov/codecov-action-6
copilot/fix-equality-filters-list-attributes
dependabot/github_actions/docker/build-push-action-7
dependabot/github_actions/docker/metadata-action-6
dependabot/github_actions/docker/setup-buildx-action-4
dependabot/github_actions/docker/login-action-4
copilot/update-download-artifact-action
copilot/fix-opensuse-warnings
copilot/fix-1268
copilot/fix-727
copilot/fix-898
copilot/fix-1256
copilot/fix-1251
copilot/fix-1249
copilot/fix-1206
user-attribute-form
user-ui
group-ui
server-user-attribute-schema
crates
haveibeenpwned
v0.6.2
v0.6.1
v0.6.0
v0.5.0
v0.4.3
v0.4.2
v0.4.1
v0.4.0
v0.3.0
v0.2.0
v0.0.1
Labels
Clear labels   
backend

   
blocked

   
bug

   
cleanup

   
dependencies

   
docker

   
documentation

   
duplicate

   
enhancement

   
enhancement

   
frontend

   
github_actions

   
good first issue

   
help wanted

   
help wanted

   
integration

   
invalid

   
ldap

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
rust

   
rust

   
tests

   
wontfix
No labels
backend
blocked
bug
cleanup
dependencies
docker
documentation
duplicate
enhancement
enhancement
frontend
github_actions
good first issue
help wanted
help wanted
integration
invalid
ldap
pull-request
question
rust
rust
tests
wontfix
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/lldap-lldap#321
No description provided.