[SOLVED] Zentyal 3 samba 4 DNS configuration cannot enable file sharing

[daniellench]

Fresh install, i cannot get file sharing enabled so i can setup zentyal as a Domain Controller for a windows domain.
I've been using zentyal since it was eBox (1.2 i think) and the samba 4 implementation has me puzzled.

Can someone provide good examples for the DNS configuration and anything else to be able to get this thing running correctly. i have no idea what to put in here.

best,
dan

[jjmontes]

Let's see if this helps:

If your Samba domain is going to be "hq.mycompany.com", then you need that domain configured in DNS, pointing to your internal IP address. It should contain a host, which would be 'server.hq.mycompany.com", also pointing to your internal IP address.

Your hosts resolution (Network/DNS) should include 127.0.0.1 as its first entry, so Zentyal uses its own DNS server.

Enable the Users module, save changes.

Then enable the File Sharing module.

[benronlund]

After that remember to synchronize client to your PDC which should have NTP configured and synchronized as well. Kerberos authentication requires NTP synchronization.

[Escorpiom]

That makes two of us.
I don't need the domain controller functionality, just basic filesharing.
I haven't got a clue as of how to set this up.

Samba domain could be workgroup? I understand we cannot put in the Internet domain here, it has to be a local domain (for example mycompany.lan).
I really hope to see some practical examples from people who got this to work, I find this rather confusing.

Cheers.

[daniellench]

The other question I forgot to mention and realized after talking with ichat on the irc is that my router/firewall (pfsnese) is the current domain name server for the network. My zen2.0 box is the PDC for company 1 and company 2 and 3 are using a m$ workgroup. This is a multi tenant signal gateway building. The zen 2.0 box has never done anything but be the PDC for company 1 (netlogon and roaming profiles).

The pfsense if forwarding dns to the building and is the dhcp server. its doing alot of other trick stuff and is not going away. My biggest want for the zen3 box is LDAP that is working correctly, so I can authenticate the users for the freenas box instead of hand entering their crap in freenas. for some reason my zen2.0 box wont 1). connect to the zen cloud to backup, 2). accept the freenas LDAP connection, 3). upgrade correctly with the upgrade scripts. so i'm forced (happily) to upgrade to zen3.

So...

so here is my sanitized current configuration:
company.com (fqdn, web presence)
office.company.com (fqdn, dyndns to the physical building)
10.0.0.1 alpha (gateway, dhcp, dns, firewall, openvpn, traffic shaping, etc...) alpha.office.company.com will resolve correctly
10.0.0.2 echo (freepbx server whole building)

   10.0.1.1 zulu (zen 2.0 box. PDC company 1)
   10.0.1.254 whiskey (freenas box with zfs pool for company 1)
   10.0.1.0/24 company 1 subnet

   10.0.2.0/24 company 2 subnet

   10.0.3.0/24 company 3 subnet


i know this will help someone else once we can detail it out.
best,
dan

[daniellench]

why do i have a -1 karma??
those scientologists did say i have a high lack of accord!?

[benronlund]

I made a 3 page guide on how I got Zentyal file sharing/PDC authentication to work. You can find it here
http://forum.zentyal.org/index.php/topic,12603.msg52098.html#msg52098

In regards to your FreeNAS LDAP authentication the only suggestion I have is to make sure you enable PAM module for all users when setting up your PDC. I'm not sure but I'd try to join FreeNAS to the LDAP Samba Server and then add permissions to the folder for your respective groups and users in security and then share the folder at the end. If you already have these shares I would just go to the volume level and remove permissions for everyone but root (this is on your FreeNAS server before joining Domain) and then reintroduce them after you have joined the domain.

Also get another opinion before following this guide, this is just my best guess.

[Sam Graf]

why do i have a -1 karma??

It's not always easy to know. Generally, "smites" are given to people who act rudely or violate written and unwritten rules about online and BBS behavior in general and Zentyal's community expectations in particular.

I'm not fond of the karma feature (it's more fluff than substance, IMHO) so I tend to ignore everyone's karma rating. For what it's worth.

[daniellench]

ok i resolved this. during the initial install i chose DHCP. DON'T DO THAT

configure you're static IP for the server, PLEASE GO STATIC DURING THE INITIAL INSTALL NOT AFTER. enter your information, gateway, dns etc... correctly during the setup

after doing this and picking the office suite everything came up enabled and working correctly.

[Escorpiom]

Thanks for the tip. I remember others had similar problems with non-configured or disconnected network interfaces. 
Static IP refers to the internal interface, external can be DHCP and should not interfere.

Cheers.