need help Zentyal 4.1 set up

[jandoe]

Hello

I need some help to configure a Zentyal 4.1 server the right way.

First, some hints to my local network (see picture in the attachment):

a) a router to separates the internet form the local network using a NAT firewall. Further the router is a DNS/DHCP server (dnsmasq) and gateway. So the administrator can manage the network settings of all hosts on the router (bind IPs to MAC addresses).
b) wired: there are two access points and two servers and a pc conneted to the router. all these hosts are dhcp clients getting there IP and DNS settings from the router.
c) wireless: 10 pc's are conneted with the router using two access points (5 pc's per access point). all pc's are dhcp clients getting there IP and DNS settings from the router.
d) on the pc's I use Xubuntu 16.04LTS as operating system and the NetworkManager as DHCP client. On the servers I use Ubuntu Server 14.04LTS. On one server I installed also Zentyal 4.1.
e) on the wireless clients I installed the following packages in order to join this pc's to the Zentyal server:

Code: [Select]

apt-get install samba-common smbclient winbind libpam-winbind libnss-winbind libpam-heimdal krb5-user krb5-config cifs-utils libpam-mount

smb.conf (client):

Code: [Select]

[global]
workgroup = SCHOOL
realm = SCHOOL.ZONE
security = ADS
encrypt passwords = Yes

idmap config *:backend = rid
idmap config *:range = 10000-20000

winbind use default domain = Yes
winbind enum users = Yes
winbind enum groups = Yes

template shell = /bin/bash

krb5.conf (client; copied from zentyal server)

Code: [Select]

[libdefaults]
    default_realm = SCHOOL.ZONE
    dns_lookup_kdc = true
    dns_lookup_realm = false
    rdns = no

added to pam_mount.conf.xml (client)

Code: [Select]

<volume
fstype="cifs"
server="192.168.20.10"
path="%(USER)"
mountpoint="/home/SCHOOL/%(USER)"
user="*"
options="sec=krb5,cruid=%(USERUID),domain={full domain},uid=%(USERUID),gid=%(USERGID),rw"
/>

<umount>umount -l %(MNTPT)</umount>

With the network settings from above every host has a working DNS (local and internet). But when I try to join the clients to Zentyal 4.1 I get error messages in relation to name resolution.

If I change the network settings on the clients (static) to:

Code: [Select]

auto wlan0
iface wlan0 inet static
address 192.168.20.104
netmask 255.255.255.0
network 192.168.20.0
broadcast 192.168.20.255
        gateway 192.168.20.10 (Zentyal Server)
dns-nameserver 192.168.20.10 (Zentyal Server)
dns-search school.zone

I can join the client to Zentyal 4.1 without any errors; user can login and there home folder gets mounted; files and directories the user creates get stored on the server; when the user logs out, his home folder gets unmounted. But the clients have not Internet anymore.

Which Zentyal modules do I have to enable/disable and how do I have to configure Zentyal, so that I can use the router as DNS/DHCP server and gateway?

Any hint is welcome!!

Kind regards, Roland

[desperados]

hi
server can access internet?
dns forwarders are ok?
have you made some tests with nslookup? output?

[jandoe]

Interesting is that - when I use the Zentyal server on the client as gateway and dns server and set the router as dns forwarder - I can nslookup domains like www.yahoo.com. I also can "first-level" google in the Browser, but when I double-click links from "first-level" search results, the Browser tries to connect, but nothing happens.

Kind regards, Roland

[desperados]

maybe some trouble with zentyal firewall ?
tracert / traceroute from zentyal and from clients ?