TroubleshootingReset configuration passwordThe password for the server profiles can be reset using the master
configuration password. Open LAM configuration -> Edit server
profiles ->Manage server profiles for this.In case you lost your master configuration password you need to
manually edit the main configuration file (config.cfg) on the file
system.Locate config.cfg: On DEB/RPM installations it is in
/usr/share/ldap-account-manager/config and for tar.bz2 in config
folder.Locate the "password" entry in the fileReplace the password hash after "password: " with your new
clear-text password (e.g. "secret")After the change the line should look like this:password: secretYou can now login using your new password. Set the password once
again via GUI in main configuration settings. This will then put again a
hash value in the config.cfg file.Functional issuesSize limitYou will get a message like "LDAP sizelimit exceeded, not all
entries are shown." when you hit the LDAP search limit.OpenLDAP: See the OpenLDAP
settings to fix this.389 server: set nsslapd-sizelimit in cn=config (may also be
set per user)other LDAP servers: please see your server
documentationInvalid syntax errors:If you get any strange errors like "Invalid syntax" or "Invalid DN
syntax" please check if your LDAP schema matches LAM's
requirements.Schema test:This can be done by running "Tools" -> "Tests" -> "Schema
test" inside LAM.If there are any object classes or attributes missing you will get
a notice. See LDAP schema files for a
list of used schemas. You may also want to deactivate unused modules in
your LAM server profile (tab "Modules").LDAP Logging:If your schema is correct you can turn on LDAP logging to get more
detailed error messages from your LDAP server.OpenLDAP logging:slapd.conf: In /etc/ldap/slapd.conf turn logging on with the
line "loglevel 256".slapd.d: In /etc/ldap/slapd.d/cn=config.ldif please change the
attribute "olcLogLevel" to "Stats". Please add a line "olcLogLevel:
Stats" if the attribute is missing.After changing the configuration please restart OpenLDAP. It
usually uses /var/log/syslog for log output.PHP loggingSometimes it can help to enable PHP logging inside LAM. You can do
this in the logging area of LAM's
main configuration. Set the logging option to "all" and check if there
are any messages printed in your browser window. Please note that not
every notice message is an error but it may help to find the
problem.Performance issuesLAM is tested to work with 10000 users with acceptable
performance. If you have a larger directory or slow hardware then here
are some points to increase performance.The first step is to check if performance problems are caused by
the LAM web server or the LDAP server. Please check which machine
suffers from high system load (CPU/memory consumption).High network latency may also be a problem. For large
installations please make sure that LAM web server and LDAP server are
located in the same building/server room.If you run LAM on multiple nodes (DNS load balancing/hardware load
balancer) then also check the clustering
section.LDAP serverUse indicesDepending on the queries it may help to add some more indices on
the LDAP server. Depending on your LDAP software it may already
suggest indices in its log files. See here for typical OpenLDAP indices.Reduce query results by splitting LDAP
management into multiple server profilesIf you manage a very large directory then it might already be
separated into multiple subtrees (e.g. by country, subsidiary, ...).
Do not use a single LAM server profile to manage your whole directory.
Use different server profiles for each separated LDAP subtree where
possible (e.g. one for German users and one for French ones).Limit query resultsLAM allows to set an LDAP search
limit for each server profile. This will limit the number of
entries returned by your LDAP server. Use with caution because it can
cause problems (e.g. with automatic UID generation) when LAM is not
able to read all entries.LAM web serverInstall a PHP
acceleratorThere are tools like APC/OpCache (free)
or Zend
Server (commercial) that provide caching of PHP pages to
improve performance. They will reduce the time for parsing the PHP
pages and IO load.This is a simply way to enhance performance since APC/OpCache is
part of most Linux distributions.If you use APC then make sure that it uses enough memory (e.g.
"apc.shm_size=128M"). You can check the memory usage with the file
apc.php that is shipped with APC.OpCache statistics can be shown with opcache-status.Disable session
encryptionLAM encrypts sensitive data in your session files. You can disable it to reduce CPU
load.