Author Topic: General newbie type help  (Read 2321 times)

davidjm

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
General newbie type help
« on: March 28, 2016, 09:09:15 pm »
Hi,

First post - be gentle please!

I have been running Zentyal alongside WinSBS2003 for a while now as a mail server and it works well. However it is time to kill the SBS box as the company that belongs to is now defunct as is SBS.

A quick question first, i am running 3.5 and trying to upgrade to 4 but it keeps saying modules failed to download, for example; E: Failed to fetch http://security.ubuntu.com/ubuntu/pool/main/l/linux-firmware/linux-firmware_1.127.18_all.deb  404  Not Found [IP: 91.189.91.15 80] is there anything i am doing wrong?

Moving onto setup. Been playing with adding Windows clients to Zentyal as a PDC and generally all appears OK. I had to play around a fair bit in DNS adding hostname to IP addresses but it seems to work OK. However it got me thinking i had set the system up incorrectly from the beginning, what i have is;

Zentyal box is called mydomain.com it acts as an MX for mail.mydomain.com and www.mydomain.com is hosted on a virtual server however i think i should have set the Zentyl up as mydomain.local but if i change this now it warns about loosing user data, what should i do?

If i setup Outlook 2010 the Zentyal box complains bitterly about relaying. If turn off SPA in Outlook and connect using TLS on ports 143 and 465 it works but not on the machine connected to the Zentyal domain! I guess this is an AD versus email login thing? The email login is user@mydomain.com but the Zentyal AD login appears firstname.lastname do i need these the same?

The box certificates dont work well at the moment. Everytime we login users have to accept the certificate. I setup a self cert issued to mail.mydomain.com and issued by mydomain.com but Windows doesn't like this, is there a better plan for this? Or is this simply a windows thing?

Any help would be appreciated, thanks, David

davidjm

  • Zen Apprentice
  • *
  • Posts: 10
  • Karma: +0/-0
    • View Profile
Re: General newbie type help
« Reply #1 on: March 28, 2016, 09:37:31 pm »
Think i fixed the update to 4 thing, logged in using putty and ran an apt-get update, seems to be working now.

vmb

  • Zen Apprentice
  • *
  • Posts: 46
  • Karma: +5/-0
    • View Profile
Re: General newbie type help
« Reply #2 on: March 31, 2016, 02:40:21 am »
Well done on the upgrade to 4. I don't know anything about SBS but if it originally provided Active Directory at the site and your Zentyal system is joined to it, make sure you are on Zentyal 4.2 running Samba 4.3.x and have transferred ALL seven FSMO roles to Zentyal before getting rid of SBS. https://wiki.samba.org/index.php/Transfering_/_seizing_FSMO_roles

If I read your post correctly, you have a web site hosted externally with a provider and have setup your Zentyal server with the same domain name on your LAN. This is OK, it's called split DNS. Don't use .local as it's not been a good choice since the global TLD expansion. If Zentyal is providing DNS to your LAN clients, setup a host record in Zentyal for www that resolves the same IP address that your hosting provider has given your website.

If you are using Zentyal generated certificates either permanently accept the self signed certificate when you get an error on the client or export your Zentyal CA public certificate and import it into your clients or add it to the clients certificate bundle.

Your 'relaying' problem is worrying. If you have an open mail relay you need to shut it down quickly and fix the configuration problem before your domain gets blacklisted for sending spam. Learn how to use nslookup and dig to test the public facing DNS that your website is using and what your public MX records are. Read up about split DNS and draw diagrams on paper to illustrate to yourself how it works in your environment.