Troubleshooting
Version 14 (Bryan Heath, 03/05/2013 10:01 am)
| 1 | 1 | h1. Troubleshooting |
|
|---|---|---|---|
| 2 | 1 | ||
| 3 | 1 | If you are having issues here are some steps to try and help you figure out what is going on. |
|
| 4 | 1 | ||
| 5 | 8 | Bryan Heath | After you have read and tried all these you can post your issue on the forum: |
| 6 | 8 | Bryan Heath | http://forums.kayako.com/threads/php-ad-ldap-authenticator.24269/ |
| 7 | 8 | Bryan Heath | |
| 8 | 9 | Bryan Heath | +*Please remember to UNDO all the testing changes before going live!!!!!*+ This includes test mode since it will cause to you not be able to login |
| 9 | 1 | ||
| 10 | 4 | Bryan Heath | h1. First step |
| 11 | 1 | ||
| 12 | 1 | Read and check all the [[Installation]], [[Setup]] and [[Configure]] steps. Many of the issues people have is they didnt follow each step correctly. |
|
| 13 | 1 | ||
| 14 | 4 | Bryan Heath | h1. Enable logging |
| 15 | 1 | ||
| 16 | 1 | * First make sure that /ldap/log/ is writable |
|
| 17 | 1 | * Open the ldap/config.php file |
|
| 18 | 1 | * Find: |
|
| 19 | 1 | ** @define('KAYAKO_LDAP_LOG', false);@ |
|
| 20 | 1 | * Change to: |
|
| 21 | 1 | ** @define('KAYAKO_LDAP_LOG', true);@ |
|
| 22 | 1 | * Now logging is enabled. You can now try to login again, even if you know it will not work. However if you go to /ldap/log/ you should see log.txt file. In it there should be a log of what is going on. This should help you track down the problem. |
|
| 23 | 1 | ||
| 24 | 12 | Bryan Heath | h1. Enable XML logging |
| 25 | 12 | Bryan Heath | |
| 26 | 12 | Bryan Heath | This will log the actual XML which is sent back to loginshare. |
| 27 | 12 | Bryan Heath | |
| 28 | 12 | Bryan Heath | First enable logging as noted above. |
| 29 | 12 | Bryan Heath | |
| 30 | 12 | Bryan Heath | * First make sure that /ldap/log/ is writable |
| 31 | 12 | Bryan Heath | * Open the ldap/config.php file |
| 32 | 12 | Bryan Heath | * Find: |
| 33 | 12 | Bryan Heath | ** @define('KAYAKO_LDAP_LOG_XML', false);@ |
| 34 | 12 | Bryan Heath | * Change to: |
| 35 | 12 | Bryan Heath | ** @define('KAYAKO_LDAP_LOG_XML', true);@ |
| 36 | 12 | Bryan Heath | * Now XML logging is enabled. You should now see the XML data in the log file |
| 37 | 12 | Bryan Heath | |
| 38 | 12 | Bryan Heath | h1. Enable Output logging |
| 39 | 12 | Bryan Heath | |
| 40 | 12 | Bryan Heath | This will attempt to log everything that is displayed to the screen. Good for trouble shooting Type 1 errors |
| 41 | 12 | Bryan Heath | |
| 42 | 12 | Bryan Heath | Please note this might not work on all server environments. |
| 43 | 12 | Bryan Heath | |
| 44 | 12 | Bryan Heath | First enable logging as noted above. |
| 45 | 12 | Bryan Heath | |
| 46 | 12 | Bryan Heath | * First make sure that /ldap/log/ is writable |
| 47 | 12 | Bryan Heath | * Open the ldap/config.php file |
| 48 | 12 | Bryan Heath | * Find: |
| 49 | 12 | Bryan Heath | ** @define('KAYAKO_LDAP_LOG_OUTPUT', false);@ |
| 50 | 12 | Bryan Heath | * Change to: |
| 51 | 12 | Bryan Heath | ** @define('KAYAKO_LDAP_LOG_OUTPUT', true);@ |
| 52 | 12 | Bryan Heath | * Now output logging is enabled. You should now see it in the log file. |
| 53 | 12 | Bryan Heath | |
| 54 | 4 | Bryan Heath | h1. Enable testing |
| 55 | 1 | ||
| 56 | 1 | * Open the ldap/config.php file |
|
| 57 | 1 | * Find: |
|
| 58 | 6 | Bryan Heath | <pre>define('KAYAKO_LDAP_USERNAME', 'username'); |
| 59 | 6 | Bryan Heath | define('KAYAKO_LDAP_PASSWORD', 'password');</pre> |
| 60 | 7 | Bryan Heath | * Change the username and password to known good AD account (preferably your own). So it should look like: |
| 61 | 6 | Bryan Heath | <pre>define('KAYAKO_LDAP_USERNAME', 'administrator'); |
| 62 | 6 | Bryan Heath | define('KAYAKO_LDAP_PASSWORD', 'thepassword');</pre> |
| 63 | 1 | * Find: |
|
| 64 | 1 | ** @define('KAYAKO_LDAP_TEST', false);@ |
|
| 65 | 1 | * Change to: |
|
| 66 | 1 | ** @define('KAYAKO_LDAP_TEST', true);@ |
|
| 67 | 3 | Bryan Heath | * Now you are in testing mode. If you go to the ldap.php you can now test those credentials and see if they work. If they do you should get a [[Troubleshooting_XML|valid XML]] result. |
| 68 | 1 | ||
| 69 | 10 | Bryan Heath | You can also enable logging of the username and password sent to AD to ensure there is no problems with that. By default its commented our for security. To enable it: |
| 70 | 13 | Bryan Heath | * Open /ldap/helpers.php |
| 71 | 10 | Bryan Heath | * Find: |
| 72 | 10 | Bryan Heath | ** @ //$adldap->log('Username: '.$adldap->getUsername().' - Password: '.$adldap->getPassword());@ |
| 73 | 10 | Bryan Heath | * Change to: |
| 74 | 10 | Bryan Heath | ** @ $adldap->log('Username: '.$adldap->getUsername().' - Password: '.$adldap->getPassword());@ |
| 75 | 10 | Bryan Heath | ** Notice the // are now gone |
| 76 | 10 | Bryan Heath | |
| 77 | 10 | Bryan Heath | |
| 78 | 11 | Bryan Heath | h1. Try the ldap.html or ldap_staff.html |
| 79 | 1 | ||
| 80 | 11 | Bryan Heath | In the tools folder you will find ldap.hml and ldap_staff.html. ldap.html is for testing users and ldap_staff.html is for testing staff |
| 81 | 11 | Bryan Heath | |
| 82 | 11 | Bryan Heath | If you upload it and go to the url, it will allow you to test different ldap users and see if you get a [[Troubleshooting_XML|valid XML]]. |
| 83 | 14 | Bryan Heath | |
| 84 | 14 | Bryan Heath | h1. Remote troubleshooting |
| 85 | 14 | Bryan Heath | |
| 86 | 14 | Bryan Heath | If you are going to give me the ability to remotely troubleshoot please only give me this information in a PM or direct email. Do not post this information here or on the support thread. |
| 87 | 14 | Bryan Heath | |
| 88 | 14 | Bryan Heath | If you would like to have me remotely look at your issue I will need the following: |
| 89 | 14 | Bryan Heath | |
| 90 | 14 | Bryan Heath | # Remote access to the server running Kayako with LDAP Authenticator already installed |
| 91 | 14 | Bryan Heath | ## The preferable method would be FTP or SFTP, however SSH will work as well |
| 92 | 14 | Bryan Heath | ## The account should be a temporary or throw away account |
| 93 | 14 | Bryan Heath | ### Account +*must*+ have read/write abilities to the files and folders in your installation |
| 94 | 14 | Bryan Heath | ### Account can be locked to just the Kayako installation if on a shared server |
| 95 | 14 | Bryan Heath | ## You can make up the username and password |
| 96 | 14 | Bryan Heath | # AD account with the proper credentials to login (if it were working obviously) |
| 97 | 14 | Bryan Heath | ## The account should be a temporary or throw away account |
| 98 | 14 | Bryan Heath | ## You can make up the username and password |
| 99 | 14 | Bryan Heath | # Anything else required to access your system such as VPN information, ip or url to connect to, etc |
| 100 | 14 | Bryan Heath | |
| 101 | 14 | Bryan Heath | When you send me this info please make sure you are sending me everything you think I need. |
| 102 | 14 | Bryan Heath | |
| 103 | 14 | Bryan Heath | I will sign a Non-Disclosure Agreement (NDA) or other legal documents if needed. |