Installation on Debian/Ubuntu with packages


LemonLDAP::NG provides these packages:

  • lemonldap-ng: metapackage, contains no file but dependencies on other packages

  • lemonldap-ng-doc: contains HTML documentation and project docs (README, etc.)

  • lemonldap-ng-fastcgi-server: LL::NG FastCGI server (for Nginx)

  • lemonldap-ng-handler: Handler files

  • liblemonldap-ng-common-perl: configuration and common files

  • liblemonldap-ng-handler-perl: Handler common libraries

  • liblemonldap-ng-manager-perl: Manager files

  • liblemonldap-ng-portal-perl: Portal files

  • liblemonldap-ng-ssoaas-apache-client-perl: SSOaaS client module

Get the packages

LL::NG repository

You can add this repository to have recent packages.

First, make sure your system can install packages from HTTPS repositories:

apt install apt-transport-https curl gnupg

You will need to trust the DEB signing key :

curl | gpg --dearmor > /usr/share/keyrings/lemonldap-ng-archive-keyring.gpg

Then, add the official LL::NG repository

vi /etc/apt/sources.list.d/lemonldap-ng.list
# LemonLDAP::NG repository
deb [arch=amd64 signed-by=/usr/share/keyrings/lemonldap-ng-archive-keyring.gpg] 2.0 main


  • Use the stable repository to get packages from current major version

  • Use the oldstable repository to get packages from previous major version

  • Use the testing repository to get packages from next major version

  • Use the 2.0 repository to stay on this major version and avoid upgrade to next major version

Finally update your APT cache:

apt update

Official Debian repository

If you run Debian stable, testing or unstable, the packages are directly available:

apt install lemonldap-ng


Packages from Debian repository may not be up to date but are security-maintained by Debian Security Team for “stable” release and LTS team for “oldstable” release. Then if you don’t need some new features or aren’t concerned by a bug fixed earlier, this is a good choice. You can also use Debian backports or “testing”/”unstable” packages, team maintained. Here is the list of Debian versions.


LLNG Ubuntu packages are not in the “universe” but in the “multiverse”. This means they are not security-maintained. If you use them, you should follow our security advisories on

Manual download

Packages are available on the Download page.

Install packages

With apt


By default packages will require Nginx. If you want to use Apache2, install it first with mod_perl:

apt install apache2 libapache2-mod-perl2 libapache2-mod-fcgid
apt install lemonldap-ng

With dpkg

Before installing the packages, install dependencies.


dpkg -i liblemonldap-ng-* lemonldap-ng*

First configuration steps

Change default DNS domain

By default, DNS domain is You can change it quick with a sed command. For example, we change it to

sed -i 's/example\.com/' /etc/lemonldap-ng/* /var/lib/lemonldap-ng/conf/lmConf-1.json


If you upgraded LL::NG, check all upgrade notes.


Configure your DNS server to resolve names with your server IP:

  • auth.<your domain>: main portal, must be public

  • manager.<your domain>: manager, only for adminsitrators

  • test1.<your domain>, test2.<your domain>: sample applications

Follow the next steps

File location

  • Configuration is in /etc/lemonldap-ng

  • LemonLDAP::NG configuration (edited by the Manager) is in /var/lib/lemonldap-ng/conf/

  • All Perl modules are in the VENDOR perl directory (/usr/share/perl5/)

  • All Perl scripts/pages are in /var/lib/lemonldap-ng/

  • All lemonldap-ng tools are in /usr/share/lemonldap-ng/bin/

  • All static content (examples, CSS, images, etc.) is in /usr/share/lemonldap-ng/

  • Apache configuration files are in /etc/lemonldap-ng and linked in /etc/apache2/sites-available and /etc/nginx/sites-available